Vulnerability in Amd 1st Gen Epyc™
CVE-2023-20520
Improper access control settings in ASP Bootloader may allow an attacker to corrupt the return address causing a stack-based buffer overrun potentially leading to arbitrary code execution.
EPSS: 0.006 (71.1th percentile) — read the EPSS interpretation.
Affected products
- Amd 1st Gen Epyc™ — versions various
- Amd 2nd Gen Epyc™ — versions various
- Amd 3rd Gen Epyc™ — versions various
References
- www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001 (vendor-advisory)