No CVE(s) from US-CERT/NIST/MITRE/NVD.
No AMD tracking id or public response from AMD.
No response from AMD support on the below question on their support forums.
AFAICT, AMD does not have a security advisories page, just occasional announcements on the main PR site. Intel does. Then again, AFAICT, neither does ARM.
Researcher clarifies original statement a bit:
“I would like to clarify that here “remote” means remote code execution on
the TPM component. To mount the attack, local host access is still required.
Sorry if it caused any confusion.”
One thought on “a bit more on AMD PSP vuln”