Description
An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4005
Scores
CVSS v3
6.8
EPSS
0.0013
EPSS Percentile
31.7%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
Status
published
Products (50)
amd/4700s_firmware
amd/athlon_gold_3150c_firmware
amd/athlon_gold_3150g_firmware
amd/athlon_gold_3150ge_firmware
amd/athlon_gold_3150u_firmware
amd/athlon_gold_pro_3150g_firmware
amd/athlon_gold_pro_3150ge_firmware
amd/athlon_pro_300ge_firmware
amd/athlon_pro_3045b_firmware
amd/athlon_pro_3145b_firmware
... and 40 more
Published
Aug 08, 2023
Tracked Since
Feb 18, 2026