Skip to main content
AMD Security Bulletin AMD-SB-7009, February 2024

Vulnerability Disclosure:

Supermicro is aware of the AMD Processor Vulnerabilities. This issue affects AMD EPYC™ 1st Gen, AMD EPYC™ 2nd Gen, AMD EPYC™ 3rd Gen and 4th Gen Processors.


CVECVSS ScoreCVE Description
CVE-2023-20576HighInsufficient Verification of Data Authenticity in AGESATM may allow an attacker to update SPI ROM data potentially resulting in denial of service or privilege escalation.
CVE-2023-20577HighA heap overflow in SMM module may allow an attacker with access to a second vulnerability that enables writing to SPI flash, potentially resulting in arbitrary code execution.
CVE-2023-20579HighImproper Access Control in the AMD SPI protection feature may allow a user with Ring0 (kernel mode) privileged access to bypass protections potentially resulting in loss of integrity and availability.
CVE-2023-20587HighImproper Access Control in System Management Mode (SMM) may allow an attacker access to the SPI flash potentially leading to arbitrary code execution.

Affected products:

Supermicro BIOS in the H11, H12 and select H13 motherboards

AMD Motherboard GenerationBIOS Version with the fix
H11 - Naplesv 2.8
H11 - Romev 1.4
H12 – Rome/Milanv 2.8
H13SSWv 1.6
H13DSHv 1.6
H13DSG-O-CPUv 1.6a
H13SST-G/GCv 1.6
H13SSL-N/NCv 1.6
H13SSHv 1.7
H13DSG-O-CPU-Dv 1.6
H13SSFv 1.6
H13SVW-NTv 1.1b
H13DSG-OMv 1.0


  • All affected Supermicro motherboard SKUs will require a BIOS update to mitigate this potential vulnerability.
  • An updated BIOS firmware had been created to mitigate this potential vulnerability. Supermicro is currently testing and validating affected products. Please check Release Notes for the resolution.

Certain products may not be available in your region