{"Arbitrary Code Execution Vulnerability in SMM's SPI Flash"}

CVE-2023-20587

Currently unrated 🤨

Key Information

Vendor: AMD
Status: 3rd Gen AMD EPYC™ Processors; 4th Gen AMD EPYC™ Processors; 1st Gen AMD EPYC™ Processors; 2nd Gen AMD EPYC™ Processors
Vendor: CVE Published:; 13 February 2024

Summary

Improper Access Control in System Management Mode (SMM) may allow an attacker access to the SPI flash potentially leading to arbitrary code execution.

Affected Version(s)

3rd Gen AMD EPYC™ Processors = various

4th Gen AMD EPYC™ Processors = various

1st Gen AMD EPYC™ Processors <= various

Timeline

Vulnerability published.
Feb 13, 2024
Vulnerability Reserved.
Oct 27, 2022

Collectors

NVD DatabaseMitre Database