More Information:

Security Advisories that affect Supermicro BIOS:

• AMD-SN-4002 - AMD Client Vulnerabilities – November 2023
  • Summary: Potential vulnerabilities in AMD Secure Processor (ASP), AMD System Management Unit (SMU), and other platform components were discovered, and mitigations are being provided in AGESA™ firmware software packages.
  • Description: The following potential vulnerabilities affecting AMD Secure Processor (ASP), AMD System Management Unit (SMU), and other platform components were found during audits performed internally as well as by third parties. Mitigation is being provided in AGESA™ firmware software packages associated with AMD Athlon™ Processors, Ryzen™ Processors and Threadripper™ Processors.
  • Severity: High
• AMD-SN-3002 - AMD Server Vulnerabilities – November 2023
  • Summary: Audits performed on AMD EPYC™ uncovered potential vulnerabilities affecting AMD Server platforms.
  • Description: The following potential vulnerabilities in AMD EPYC™ Processor platforms affecting AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP) and other platform components, were found during audits performed internally as well as by third parties.
  • Severity: High

Affected Products

Additional Resources

Security Advisories that affect BIOS:

• AMD Security Notice AMD-SN-4002
  • CVE-2022-23821, CVE-2022-23820, CVE-2023-20563, CVE-2023-20565, CVE-2021-46774, CVE-2023-20571, CVE-2023-20533, CVE-2023-20521, CVE-2021-46758, CVE-2021-46766, CVE-2023-20526
• AMD Security Notice AMD-SN-3002
  • CVE-2021-26354CVE-2022-23820, CVE-2021-46774, CVE-2023-20533, CVE-2023-20519, CVE-2023-20566, CVE-2023-20521, CVE-2021-46766, CVE-2022-23830, CVE-2023-20526, CVE-2021-26345