CVE-2023-20522

2023-01-1020:56:58

AMD

www.cve.org

asp

input validation

attacker

bios

denial of service

0.001 Low

EPSS

Percentile

37.0%

JSON

Insufficient input validation in ASP may allow an attacker with a malicious BIOS to potentially cause a denial of service.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "2nd Gen EPYC",
    "vendor": " AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "3rd Gen EPYC",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  }
]

References

www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032

0.001 Low

EPSS

Percentile

37.0%

JSON

Related for CVELIST:CVE-2023-20522