CVE-2023-20578 Information

Description

A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution.

Reference

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html