That is not possible I tell you, only Intel cpu's have security vulnerabilities, AMD can do no wrong. I demand that you print a retraction and apology to AMD.

It is not a CPU bug, it is a BIOS bug.

Every company can go wrong and will and did ...etc. The same for AMD - but how often? Will they learn from it? Do they play it down? What is their policy? How do they tackle the issues on up comming devices?

you can be sure if AMD fails as often as intel in the recent time - the same will be said about AMD... do you remember the FX bashing?

This.

I've been a pretty unashamed AMD fanboy for a while now (15+ years, although I did skip straight from a Phenom II x6 to Ryzen... sorry bulldozer), but I don't think I've ever said that AMD didn't have undiscovered security issues in their chips. The relative lack of reported issues compared to Intel does seem to point to several possibilities:

1. Security researchers haven't been looking into AMD nearly as much (either due to relative market size, or because of funding/priorities).
2. Meltdown/Spectre gave just enough of a lever/insight into Intel's weak spots that they're prying it wide open.
3. AMD's architecture may have skipped some of the shortcuts that Intel took, leading to a more secure design.

AMD's chips may be swiss cheese, and we haven't discovered the holes yet. For now, until Intel straightens their chip design out and improves their pricing/performance/TDP, I'm not even bothering to recommend Intel-based systems to people. The Ryzen series is good enough for pretty much any use case someone would care to ask me for recommendations about.

"The targeted attack described in the research requires privileged physical or administrative access to a system based on select AMD notebook or embedded processors."
So, yeah, if that's the case, there are bigger problems to worry about.
Now, I'm not saying, that this is not a bug - it is. But it looks to be fixable by updating the AGESA/UEFI/BIOS/FW itself.
Anyone remember Ryzenfall?

As far as straw men go this is a particularly weak one... Ever since the first speculative execution attacks it's been clear that all modern processors with speculative execution are vulnerable to some extent. The only modern processor core that I can recall being confirmed to be totally invulnerable is the ARM Cortex A53, but that's only because it doesn't even have branch prediction in the strictest sense of the word.

However the big cross-vendor takeaway has been that Intel has, pardon my french, screwed the pooch way worse than anyone else in the market.

Requisite Reddit link

This. It's a bug in the AGESA code run in by the UEFI board firmware, not a hardware bug.

Yeah, because it is a AGESA bug. AGESA is a blob that AMD provides to board manufacturers, it is basically the "hardware drivers" for the UEFI firmware. It's responsible of initializing the hardware from a cold state and is also what is called by UEFI when the OS requests some actions with ACPI interface (which is just a standard way to ask the UEFI firmware to do something).