BIOS with AGESA 1.2.0.3e closes TPM vulnerability on AM5

Motherboards based on the AM5 socket have started to receive BIOS updates with firmware AGESA 1.2.0.3e, which fixes a dangerous vulnerability in the TPM 2.0 module. The problem with the identifier CVE-2025-2884 allows attackers with standard user rights to access TPM data or disrupt its operation by causing out of bounds memory read.

Vulnerability acknowledged medium severity (CVSS score 6.6), but the seriousness lies in its availability - it does not require kernel privileges. Unlike past microcode-related bugs, this means increased risk for users. AMD's BIOS update is now does not allow to roll back to an older version, so it is important to ensure compatibility in advance.

AGESA 1.2.0.3e also adds support for new Ryzen processors, presumably the Ryzen 9000F series expected soon. While patches for other generations, including Ryzen 3000, 5000, and mobile series like Picasso and Strix Point, have been released before, the AM5 platforms are only now receiving the update. BIOS updates are now available for motherboards from ASUS, MSI and other manufacturers - It is recommended to check the support site for your model.