CVE-2023-20521 Information

Nov 15, 2023 cve

Description

TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification potentially leading to loss of confidentiality or a denial of service.

Reference

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002

Share on: