01642 06 11 11 Arrange Call

TOCTOU Vulnerability in ASP Bootloader: Tampering with SPI ROM Records

CVE-2023-20521 · LOW

CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L

CVE-2023-20521

TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.

Learn more about our Physical Security Assessment.