CVE-2020-12961

2021-11-0900:00:00

CWE-20

AMD

www.cve.org

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.8%

JSON

A potential vulnerability exists in AMD Platform Security Processor (PSP) that may allow an attacker to zero any privileged register on the System Management Network which may lead to bypassing SPI ROM protections.

CNA Affected

[
  {
    "product": "2nd Gen AMD EPYC™",
    "vendor": "AMD",
    "versions": [
      {
        "lessThan": "RomePI-SP3_1.0.0.C",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "3rd Gen AMD EPYC™",
    "vendor": "AMD",
    "versions": [
      {
        "lessThan": "MilanPI-SP3_1.0.0.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021