CVE-2020-12890

2020-06-1700:00:00

AMD

www.cve.org

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

JSON

Improper handling of pointers in the System Management Mode (SMM) handling code may allow for a privileged attacker with physical or administrative access to potentially manipulate the AMD Generic Encapsulated Software Architecture (AGESA) to execute arbitrary code undetected by the operating system.

CNA Affected

[
  {
    "product": "AMD Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "unaffected",
        "version": "Processor  EPYC "
      }
    ]
  }
]

References

www.amd.com/en/corporate/product-security