CVE-2020-12954

Summary

A side effect of an integrated chipset option may be able to be used by an attacker to bypass SPI ROM protections, allowing unauthorized SPI ROM modification.

Affected Software

VendorProductVersion RangeStatus
AMD1st Gen AMD EPYC™unspecified < NaplesPI-SP3_1.0.0.Gaffected
AMD2nd Gen AMD EPYC™unspecified < RomePI-SP3_1.0.0.Caffected
AMD3rd Gen AMD EPYC™unspecified < MilanPI-SP3_1.0.0.4affected

Weaknesses

  • CWE-693: CWE-693 Protection Mechanism Failure

ADP Enrichment

CVE Program Container

Additional References

References