Overview

• AMD has disclosed new BIOS-side vulnerabilities across all Zen CPU generations, impacting security through the SPI connection.
• The vulnerabilities, listed as high severity, could lead to denial of service, execution of arbitrary codes, and system integrity bypass.
• AMD has released BIOS mitigations for all Ryzen CPU lineups, including EPYC, Threadripper, and Embedded series, through updated AGESA versions.
• Not all motherboard vendors have released updates with the patched AGESA, leaving some chips vulnerable.
• For Zen 2-based chips, the new AGESA versions also address Zenbleed, a previously disclosed vulnerability.