Over the past couple of years, we are accustomed to the fact that if any vulnerabilities are found in processors, they often concern Intel processors more. However, a new vulnerability called SMM Callout Privilege Escalation (CVE-2020-12890) is an exception, as it was discovered in AMD processors.
It was discovered by security specialist Danny Odler, but AMD itself reported it. The vulnerability allows a conditional attacker to manipulate the AGESA protocol to execute arbitrary code that is not detected by the operating system.
AMD points out two important points. Firstly, according to its data, the vulnerability exists only on certain client and embedded hybrid processors that were released between 2016 and 2019 (there are no exact models), and secondly, and this is important, the situation can be corrected by a simple update of AGESA, and AMD has already provided patches to most customers. The rest will receive them before the end of this month.
Recently news
746 arrests, 2 tons of drugs, 54 million pounds and dozens of weapons. EncroChat anonymous service successfully hacked in Europe
Intel Core i7-10700K made it into the Top 10 Mindfactory processors, slightly weakening Ryzen’s total superiority
BlueLeaks: activists published data of 200 police agencies in the public domain
AMD Ryzen 3000XT Processors Introduced
Velociraptor is a hackintosh based on Ryzen processors for at least $ 2,200. But there are doubts about the project
Vulnerability found in Arm processors that could allow an attacker to gain unauthorized access to data