Refine your search
11 vulnerabilities found for AMD Ryzen™ Embedded 9000 Series Processors by AMD
CVE-2024-36343 (GCVE-0-2024-36343)
Vulnerability from cvelistv5
Published
2026-05-19 21:03
Modified
2026-05-20 13:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-124 - Buffer Underwrite ('Buffer Underflow')
Summary
Improper input validation in the System Management Mode (SMM) communications buffer could allow a privileged attacker to perform an out of bounds read or write to a limited section of the Top of Memory Segment (TSEG) memory region, potentially resulting in loss of confidentiality or integrity.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36343",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-20T13:46:11.620172Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-20T13:46:23.737Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 4004",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.1.0.3d"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 4005",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5 1.2.0.3j"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "RembrandtPI-FP7_1.0.0.Bg"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7_1.2.0.0f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "DragonRangeFL1_1.0.0.3l"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5-PI_1.0.0.e"
},
{
"status": "unaffected",
"version": "ComboAM5PI 1.1.0.3g"
},
{
"status": "unaffected",
"version": "ComboAM5 1.2.0.3j"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000HX Series Mobile Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "FireRangeFL1PI 1.0.0.0f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI MAX",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StrixHaloPI-FP11_1.0.0.2b"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StrixKrackanPI-FP8_1.1.0.0f"
},
{
"status": "unaffected",
"version": "StrixKrackanPI-FP8_1.1.0.2e"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StormPeakPI-SP6 1.1.0.0k"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StormPeakPI-SP6 1.0.0.1m"
},
{
"status": "unaffected",
"version": "StormPeakPI-SP6_1.1.0.0k"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.1.0.3g"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5 1.2.0.3j"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5 1.2.0.3j"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5 1.2.0.3j"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Embedded-PI_FP7r2 100F"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedAM5PI 1.0.0.5"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedPhoenixPI-FP7r2_1.0.0.4"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedAM5PI 1.0.0.7"
}
]
}
],
"datePublic": "2026-05-19T21:02:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper input validation in the System Management Mode (SMM) communications buffer could allow a privileged attacker to perform an out of bounds read or write to a limited section of the Top of Memory Segment (TSEG) memory region, potentially resulting in loss of confidentiality or integrity.\u003cbr\u003e"
}
],
"value": "Improper input validation in the System Management Mode (SMM) communications buffer could allow a privileged attacker to perform an out of bounds read or write to a limited section of the Top of Memory Segment (TSEG) memory region, potentially resulting in loss of confidentiality or integrity."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-124",
"description": "CWE-124 Buffer Underwrite (\u0027Buffer Underflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T21:03:48.439Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html"
},
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4017.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2024-36343",
"datePublished": "2026-05-19T21:03:09.395Z",
"dateReserved": "2024-05-23T19:44:47.200Z",
"dateUpdated": "2026-05-20T13:46:23.737Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-0045 (GCVE-0-2025-0045)
Vulnerability from cvelistv5
Published
2026-05-15 01:47
Modified
2026-05-15 13:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| AMD | Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0045",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-15T13:35:07.970276Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-15T13:35:15.206Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics\r\nRyzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Z1 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000HX Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 9000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 9000 Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Z2 Series Processors Extreme",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 2000 Mobile Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 4005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 4004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 4004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 4005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
}
]
}
],
"datePublic": "2026-05-15T01:44:38.142Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service\u003cbr\u003e"
}
],
"value": "Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service"
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-15T01:47:31.317Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
},
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-0045",
"datePublished": "2026-05-15T01:47:31.317Z",
"dateReserved": "2024-11-21T16:18:13.504Z",
"dateUpdated": "2026-05-15T13:35:15.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0432 (GCVE-0-2026-0432)
Vulnerability from cvelistv5
Published
2026-05-15 01:46
Modified
2026-05-16 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-276 - Incorrect Default Permissions
Summary
Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| AMD | AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0432",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-15T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-16T03:56:10.732Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000HX Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI 400 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2-2026 AMD Emb Win Chipset drivers[Venice,Turin,Siena](72501)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q1- 2026 AMD Embedded Ryzen7000,Ryzen8000,Ryzen9000 Windows Chipset driver (72244)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q1- 2026 AMD Embedded Ryzen7000,Ryzen8000,Ryzen9000 Windows Chipset driver (72244)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2-2026 AMD Emb Win Chipset drivers[Venice,Turin,Siena](72501)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q1- 2026 AMD Embedded Ryzen7000,Ryzen8000,Ryzen9000 Windows Chipset driver (72244)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.16.641"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.14.329"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 7002 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.14.329"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 7001 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.14.329"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 4004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Chipset Driver 8.01.20.513"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.16.641"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI300A Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.16.641"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9V64H Processor",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.16.641"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.16.641"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 4005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Chipset Driver 8.01.20.513"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Reported through AMD Bug Bounty Program"
}
],
"datePublic": "2026-05-15T01:44:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.\u003cbr\u003e"
}
],
"value": "Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-15T01:46:53.761Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
},
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2026-0432",
"datePublished": "2026-05-15T01:46:24.662Z",
"dateReserved": "2025-12-06T13:53:34.788Z",
"dateUpdated": "2026-05-16T03:56:10.732Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48521 (GCVE-0-2025-48521)
Vulnerability from cvelistv5
Published
2026-05-15 01:45
Modified
2026-05-15 13:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
Improper input validation in the AMD Secure Processor (ASP) PCI driver could allow a local attacker to trigger a Use-After-Free (UAF) condition, potentially resulting in a loss of platform integrity or crash.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| AMD | AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Renoir") | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48521",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-15T13:32:12.971646Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-15T13:32:19.594Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Renoir\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Mendocino\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dragon Range\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael X3D\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Processors (formerly codenamed \"Castle Peak\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo R\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Processors (formerly codenamed \"Castle Peak\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors (formerly codenamed \"Castle Peak\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI 300 Series Processors (formerly codenamed \"Strix Point\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors (formerly codenamed \"Chagall\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors (formerly codenamed \"Storm Peak\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors (formerly codenamed \"Storm Peak\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael-X3D\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000 Series Desktop Processors (formerly codenamed \"Granite Ridge\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Lucienne\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 4000 Series Desktop Processors (formerly codenamed \"Renoir\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\"/\"Vermeer-X3D\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Pollock\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Picasso\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 4004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 4005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 4004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Chipset Driver 7.02.13.148"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 4005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Chipset Driver 7.02.13.148"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Reported through AMD Bug Bounty Program"
}
],
"datePublic": "2026-05-15T01:44:26.968Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper input validation in the AMD Secure Processor (ASP) PCI driver could allow a local attacker to trigger a Use-After-Free (UAF) condition, potentially resulting in a loss of platform integrity or crash.\r\n \u003cbr\u003e"
}
],
"value": "Improper input validation in the AMD Secure Processor (ASP) PCI driver could allow a local attacker to trigger a Use-After-Free (UAF) condition, potentially resulting in a loss of platform integrity or crash."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-15T01:45:34.221Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
},
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-48521",
"datePublished": "2026-05-15T01:45:34.221Z",
"dateReserved": "2025-05-22T16:34:07.748Z",
"dateUpdated": "2026-05-15T13:32:19.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48512 (GCVE-0-2025-48512)
Vulnerability from cvelistv5
Published
2026-05-15 01:45
Modified
2026-05-16 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-276 - Incorrect Default Permissions
Summary
Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| AMD | AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Renoir") | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48512",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-15T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-16T03:56:09.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Renoir\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Mendocino\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dragon Range\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael X3D\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors (formerly codenamed \"Castle Peak\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo R\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors (formerly codenamed \"Castle Peak\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors (formerly codenamed \"Castle Peak\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000HX Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI 300 Series Processors (formerly codenamed \"Strix Point\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors (formerly codenamed \"Chagall\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors (formerly codenamed \"Storm Peak\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors (formerly codenamed \"Storm Peak\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael-X3D\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000 Series Desktop Processors (formerly codenamed \"Granite Ridge\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Lucienne\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 4000 Series Desktop Processors (formerly codenamed \"Renoir\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\"/\"Vermeer-X3D\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Z1 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Chipset WHQL certified driver - (71252)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded R2000, V2000 Windows\u00ae Chipset drivers (68915)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Chipset WHQL certified driver - (71252)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded R2000, V2000 Windows\u00ae Chipset drivers (68915)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Chipset drivers [7.06.02.123] (68927)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Chipset drivers [7.06.02.123] (68927)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Chipset drivers [7.06.02.123] (68927)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.16.641"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.14.329"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 7002 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.14.329"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 7001 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.14.329"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 4004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Chipset Driver 7.04.09.545"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.16.641"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI300A Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.16.641"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9V64H Processor",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.16.641"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Server Software 8.03.16.641"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 4005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Chipset Driver 7.04.09.545"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Reported through AMD Bug Bounty Program"
}
],
"datePublic": "2026-05-15T01:49:24.634Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.\u003cbr\u003e"
}
],
"value": "Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-15T01:50:06.870Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
},
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-48512",
"datePublished": "2026-05-15T01:45:05.943Z",
"dateReserved": "2025-05-22T16:34:07.747Z",
"dateUpdated": "2026-05-16T03:56:09.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-36345 (GCVE-0-2024-36345)
Vulnerability from cvelistv5
Published
2026-05-15 01:42
Modified
2026-05-19 21:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1274 - Improper Access Control for Volatile Memory Containing Boot Code
Summary
Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| AMD | AMD EPYC™ 4004 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36345",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-15T13:18:17.243187Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-15T13:29:37.501Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 4004",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.1.0.3d"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 4005",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5 1.2.0.3j"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "RembrandtPI-FP7_1.0.0.Bg"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7_1.2.0.0f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "DragonRangeFL1_1.0.0.3l"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.0.0.e"
},
{
"status": "unaffected",
"version": "ComboAM5PI 1.1.0.3g"
},
{
"status": "unaffected",
"version": "ComboAM5PI 1.2.0.3j"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000HX Series Mobile Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "FireRangeFL1PI 1.0.0.0f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI MAX",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StrixHaloPI-FP11_1.0.0.2b"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StrixKrackanPI-FP8_1.1.0.0f"
},
{
"status": "unaffected",
"version": "StrixKrackanPI-FP8_1.1.0.2e"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StormPeakPI-SP6 1.1.0.0k"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StormPeakPI-SP6 1.0.0.1m"
},
{
"status": "unaffected",
"version": "StormPeakPI-SP6 1.1.0.0k"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.1.0.3g"
},
{
"status": "unaffected",
"version": "ComboAM5PI 1.2.0.3j"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.2.0.3j"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.2.0.3j"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7_1.2.0.0f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedPhoenixPI-FP7r2_1.0.0.4"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Embedded-PI_FP7r2 1012"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedAM5PI 1.0.0.7"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedAM5PI 1.0.0.7"
}
]
}
],
"datePublic": "2026-05-19T21:02:08.763Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality.\u003cbr\u003e"
}
],
"value": "Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1274",
"description": "CWE-1274 Improper Access Control for Volatile Memory Containing Boot Code",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T21:02:28.931Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html"
},
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4017.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2024-36345",
"datePublished": "2026-05-15T01:42:46.649Z",
"dateReserved": "2024-05-23T19:44:47.200Z",
"dateUpdated": "2026-05-19T21:02:28.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0438 (GCVE-0-2026-0438)
Vulnerability from cvelistv5
Published
2026-05-15 01:41
Modified
2026-05-19 21:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1072 - Call to Function Pointer from Untrusted Control Sphere in SMM
Summary
A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially compromising the system’s confidentiality, integrity, and availability.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| AMD | AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0438",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-15T13:17:40.357741Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-15T13:29:51.481Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7_1.2.0.0f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "DragonRangeFL1PI 1.0.0.3k"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.0.0.d"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000HX Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "FireRangeFL1PI 1.0.0.0d"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StrixKrackanPI-FP8_1.1.0.0e"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StormPeakPI-SP6 1.0.0.1m"
},
{
"status": "unaffected",
"version": "StormPeakPI-SP6_1.1.0.0k"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.1.0.3f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI_1.2.0.3i"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.1.0.3f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI_1.2.0.3i"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI_1.2.0.3i"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7_1.2.0.0f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StrixHaloPI-FP11_1.0.0.2a"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Z1 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7_1.2.0.0f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Z1 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7_1.2.0.0f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Z2 Series Processors Extreme",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StrixKrackanPI-FP8_1.1.0.2d"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Z2 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7_1.2.0.0f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ShimadaPeakPI-SP6 1.0.0.1c"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ShimadaPeakPI-SP6 1.0.0.1c"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 9000 Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ShimadaPeakPI-SP6 1.0.0.1c"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 9000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ShimadaPeakPI-SP6 1.0.0.1c"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI_1.3.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI_1.3.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000 Series Desktop Processors (formerly codenamed \"Granite Ridge\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI_1.3.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedAM5PI 1.0.0.5"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedPhoenixPI-FP7r2_1.0.0.4"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedAM5PI 1.0.0.5"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 4004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.0.0.d / ComboAM5PI 1.1.0.3f / ComboAM5PI_1.2.0.3i"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 4005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI_1.2.0.3i"
}
]
}
],
"datePublic": "2026-05-19T20:59:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially compromising the system\u2019s confidentiality, integrity, and availability.\u003cbr\u003e"
}
],
"value": "A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially compromising the system\u2019s confidentiality, integrity, and availability."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "PHYSICAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:H/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1072",
"description": "CWE-1072 Call to Function Pointer from Untrusted Control Sphere in SMM",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T21:01:36.151Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html"
},
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4017.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2026-0438",
"datePublished": "2026-05-15T01:41:25.568Z",
"dateReserved": "2025-12-06T13:53:51.228Z",
"dateUpdated": "2026-05-19T21:01:36.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-54502 (GCVE-0-2025-54502)
Vulnerability from cvelistv5
Published
2026-04-16 18:46
Modified
2026-04-17 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-668 - Exposure of Resource to Wrong Sphere
Summary
Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| AMD | AMD EPYC™ 9004 Series Processors | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54502",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-16T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-17T03:55:16.268Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "GenoaPI_1.0.0.H"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "MilanPI-SP3_1.0.0.J"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 7002 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Rome-1.0.0.P"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 4004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.0.0.d"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "TurinPI-SP5_1.0.0.9"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI300A Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "MI300A 1.0.0.C"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9V64H Processor",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "MI300C 1.0.0.3"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "GenoaPI_1.0.0.H"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "RenoirPI-FP6 1.0.0.Ed"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "RembrandtPI-FP7_1.0.0.Bg"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PicassoPI-FP5_1.0.1.2e"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7_1.2.0.0f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "MendocinoPI-FT6_1.0.0.7g"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "DragonRangeFL1PI 1.0.0.3k"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.0.0.d"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM4v2PI 1.2.0.10"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ChagallWSPI-sWRX8 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "CezannePI-FP6_1.0.1.1d"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "CastlePeakWSPI-sWRX8 1.0.0.I"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000HX Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "FireRangeFL1PI 1.0.0.0d"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StrixKrackanPI-FP8_1.1.0.0e"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ChagallWSPI-sWRX8 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StormPeakPI-SP6 1.0.0.1m"
},
{
"status": "unaffected",
"version": "StormPeakPI-SP6_1.1.0.0k"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.1.0.3f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.2.0.3h"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.1.0.3f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.2.0.3h"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.2.0.3h"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "CezannePI-FP6_1.0.1.1d"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "CezannePI-FP6_1.0.1.1d"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM4v2PI 1.2.0.10"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM4v2PI 1.2.0.10"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM4v2PI 1.2.0.10"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM4PI 1.0.0.10"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7_1.2.0.0f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PicassoPI-FP5_1.0.1.2e"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "RembrandtPI-FP7_1.0.0.Bg"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StrixHaloPI-FP11_1.0.0.2a"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Z1 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StrixKrackanPI-FP8_1.1.0.0e"
},
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7_1.2.0.0f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Z2 Series Processors Extreme",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StrixKrackanPI-FP8_1.1.0.0e"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Z2 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7_1.2.0.0f"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Z2 Series Processors Go",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "RembrandtPI-FP7_1.0.0.Bg"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ShimadaPeakPI-SP6 1.0.0.1c"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ShimadaPeakPI-SP6 1.0.0.1c"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 9000 Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ShimadaPeakPI-SP6 1.0.0.1c"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 9000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ShimadaPeakPI-SP6 1.0.0.1c"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StrixKrackanPI-FP8_1.1.0.2d"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.2.8.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.2.8.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000 Series Desktop Processors (formerly codenamed \"Granite Ridge\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.2.8.0"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbMilanPI-SP3 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbRomePI-SP3 1.0.0.F"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedPI-FP5 1213"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedR2KPI-FP5 1008"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedPI-FP5 1213"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbAM4PI 1.0.0.9"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedPI-FP6_1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Embedded-PI_FP7r2 1012"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedAM5PI 1.0.0.5"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedPhoenixPI-FP7r2_1.0.0.4"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedAM5PI 1.0.0.7"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedTurinPI_SP5_1004"
}
]
}
],
"datePublic": "2026-04-16T18:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eIncorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.\u003c/div\u003e"
}
],
"value": "Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-668",
"description": "CWE-668 Exposure of Resource to Wrong Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-16T19:12:58.645Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-7054.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-54502",
"datePublished": "2026-04-16T18:46:13.377Z",
"dateReserved": "2025-07-23T15:01:50.731Z",
"dateUpdated": "2026-04-17T03:55:16.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-36319 (GCVE-0-2024-36319)
Vulnerability from cvelistv5
Published
2026-02-12 17:41
Modified
2026-02-26 14:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
Summary
Debug code left active in AMD's Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| AMD | AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics; AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36319",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-13T04:56:40.296265Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:44:20.866Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics;\r\nAMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI MAX Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 RX 7000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2(25.10.10), Radeon Software For Linux 25.10.1"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO W7000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2(25.10.10), Radeon Software For Linux 25.10.1"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI300X",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ROCm 6.2.4"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI300A",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ROCm 6.2.4"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI308X",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ROCm 6.2.4"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI325X",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ROCm 6.2.4"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO V710",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Contact your AMD Customer Engineering representative"
}
]
}
],
"datePublic": "2026-02-12T17:40:51.607Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Debug code left active in AMD\u0027s Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system.\u003cbr\u003e"
}
],
"value": "Debug code left active in AMD\u0027s Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1191",
"description": "CWE-1191 On-Chip Debug and Test Interface With Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-12T17:41:06.194Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2024-36319",
"datePublished": "2026-02-12T17:41:06.194Z",
"dateReserved": "2024-05-23T19:44:40.300Z",
"dateUpdated": "2026-02-26T14:44:20.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-36320 (GCVE-0-2024-36320)
Vulnerability from cvelistv5
Published
2026-02-11 14:33
Modified
2026-02-11 15:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-190 - Integer Overflow or Wraparound
Summary
Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| AMD | AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36320",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-11T15:36:41.476444Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T15:42:49.026Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI MAX+",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000HX Series Mobile Processors (formerly codenamed \"Fire Range\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 RX 7000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO W7000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO WX 8000/9000 Series Graphics Cards",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO VII",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 RX Vega Series Graphics Cards",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 RX 9000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 VII",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Reported through AMD Bug Bounty Program"
}
],
"datePublic": "2026-02-11T14:10:55.676Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability\u003cbr\u003e"
}
],
"value": "Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability"
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T14:33:53.297Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2024-36320",
"datePublished": "2026-02-11T14:33:53.297Z",
"dateReserved": "2024-05-23T19:44:40.300Z",
"dateUpdated": "2026-02-11T15:42:49.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-36324 (GCVE-0-2024-36324)
Vulnerability from cvelistv5
Published
2026-02-11 14:29
Modified
2026-02-26 14:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| AMD | AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics; AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36324",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-12T04:55:12.807054Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:44:26.308Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics;\r\nAMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors;\r\nAMD Ryzen\u2122 8000 Series Desktop Processors;\r\nAMD Ryzen\u2122 9000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000HX Series Mobile Processors (formerly codenamed \"Fire Range\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Al Max+",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI 300 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 RX 7000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO W7000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 RX 9000 Series Graphics Products",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO V520",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Contact your AMD Customer Engineering representative"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO V620",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Contact your AMD Customer Engineering representative"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Radeon\u2122 PRO V710",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Contact your AMD Customer Engineering representative"
}
]
},
{
"defaultStatus": "affected",
"product": "V620/NV21",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "hotfix5"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Reported through AMD Bug Bounty Program"
}
],
"datePublic": "2026-02-11T14:10:37.492Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.\u003cbr\u003e"
}
],
"value": "Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T14:29:47.274Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2024-36324",
"datePublished": "2026-02-11T14:29:47.274Z",
"dateReserved": "2024-05-23T19:44:40.301Z",
"dateUpdated": "2026-02-26T14:44:26.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}