Search

Find a vulnerability

Search criteria

    48 vulnerabilities found for AMD EPYC™ Embedded 9005 Series Processors by AMD

    CVE-2025-54509 (GCVE-0-2025-54509)

    Vulnerability from nvd – Published: 2026-06-09 17:22 – Updated: 2026-06-09 18:57
    VLAI
    Summary
    Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor (ASP) potentially resulting in loss of integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1262 - Register Interface Allows Software Access to Sensitive Data or Security Settings
    Assigner
    AMD
    Date Public
    2026-06-09 17:22
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-54509",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T18:56:45.465105Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T18:57:03.527Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI_1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedTurinPI_SP5_1004"
                }
              ]
            }
          ],
          "datePublic": "2026-06-09T17:22:07.835Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor (ASP) potentially resulting in loss of integrity.\u003cbr\u003e"
                }
              ],
              "value": "Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor (ASP) potentially resulting in loss of integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1262",
                  "description": "CWE-1262  Register Interface Allows Software Access to Sensitive Data or Security Settings",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T17:22:26.026Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3039.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-54509",
        "datePublished": "2026-06-09T17:22:26.026Z",
        "dateReserved": "2025-07-23T15:01:50.734Z",
        "dateUpdated": "2026-06-09T18:57:03.527Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0432 (GCVE-0-2026-0432)

    Vulnerability from nvd – Published: 2026-05-15 01:46 – Updated: 2026-05-16 03:56
    VLAI
    Summary
    Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 9000HX Series Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ AI 300 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 7000 Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 9000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ AI Max 300 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ AI 400 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") Unaffected: Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Unaffected: Q2-2026 AMD Emb Win Chipset drivers[Venice,Turin,Siena](72501)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Series Processors Unaffected: Q1- 2026 AMD Embedded Ryzen7000,Ryzen8000,Ryzen9000 Windows Chipset driver (72244)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: Q1- 2026 AMD Embedded Ryzen7000,Ryzen8000,Ryzen9000 Windows Chipset driver (72244)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9005 Series Processors Unaffected: Q2-2026 AMD Emb Win Chipset drivers[Venice,Turin,Siena](72501)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 9000 Series Processors Unaffected: Q1- 2026 AMD Embedded Ryzen7000,Ryzen8000,Ryzen9000 Windows Chipset driver (72244)
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: AMD Server Software 8.03.14.329
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Unaffected: AMD Server Software 8.03.14.329
    Create a notification for this product.
    AMD AMD EPYC™ 7001 Series Processors Unaffected: AMD Server Software 8.03.14.329
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Processors Unaffected: AMD Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD EPYC™ 9005 Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD Instinct™ MI300A Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 9V64H Processor Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 8004 Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 4005 Series Processors Unaffected: AMD Chipset Driver 8.01.20.513
    Create a notification for this product.
    Date Public
    2026-05-15 01:44
    Credits
    Reported through AMD Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0432",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-16T03:56:10.732Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000HX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 400 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2-2026 AMD Emb Win Chipset drivers[Venice,Turin,Siena](72501)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q1- 2026 AMD Embedded Ryzen7000,Ryzen8000,Ryzen9000 Windows Chipset driver (72244)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q1- 2026 AMD Embedded Ryzen7000,Ryzen8000,Ryzen9000 Windows Chipset driver (72244)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2-2026 AMD Emb Win Chipset drivers[Venice,Turin,Siena](72501)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q1- 2026 AMD Embedded Ryzen7000,Ryzen8000,Ryzen9000 Windows Chipset driver (72244)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.14.329"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.14.329"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.14.329"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI300A Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9V64H Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 8.01.20.513"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Reported through AMD Bug Bounty Program"
            }
          ],
          "datePublic": "2026-05-15T01:44:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.\u003cbr\u003e"
                }
              ],
              "value": "Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276  Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T01:46:53.761Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2026-0432",
        "datePublished": "2026-05-15T01:46:24.662Z",
        "dateReserved": "2025-12-06T13:53:34.788Z",
        "dateUpdated": "2026-05-16T03:56:10.732Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-48512 (GCVE-0-2025-48512)

    Vulnerability from nvd – Published: 2026-05-15 01:45 – Updated: 2026-05-16 03:56
    VLAI
    Summary
    Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Renoir") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Picasso") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics (formerly codenamed "Mendocino") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dragon Range") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael"/"Raphael X3D") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors (formerly codenamed "Matisse") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors (formerly codenamed "Castle Peak") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo R") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Processors (formerly codenamed "Castle Peak") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 9000HX Series Processors Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ AI 300 Series Processors (formerly codenamed "Strix Point") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics (formerly codenamed "Picasso") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors (formerly codenamed "Chagall") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 7000 Processors (formerly codenamed "Storm Peak") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors (formerly codenamed "Storm Peak") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael"/"Raphael-X3D") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 9000 Series Desktop Processors (formerly codenamed "Granite Ridge") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Cezanne") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Lucienne") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors (formerly codenamed "Renoir") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors (formerly codenamed "Vermeer") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics (formerly codenamed "Cezanne") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors (formerly codenamed "Vermeer"/"Vermeer-X3D") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ AI Max 300 Series Processors Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ Z1 Series Processors Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Chipset WHQL certified driver - (71252)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: Q2 - 2025 AMD Embedded R2000, V2000 Windows® Chipset drivers (68915)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Chipset WHQL certified driver - (71252)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: Q2 - 2025 AMD Embedded R2000, V2000 Windows® Chipset drivers (68915)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Chipset drivers [7.06.02.123] (68927)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Chipset drivers [7.06.02.123] (68927)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9005 Series Processors Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 9000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Chipset drivers [7.06.02.123] (68927)
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: AMD Server Software 8.03.14.329
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Unaffected: AMD Server Software 8.03.14.329
    Create a notification for this product.
    AMD AMD EPYC™ 7001 Series Processors Unaffected: AMD Server Software 8.03.14.329
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Processors Unaffected: AMD Chipset Driver 7.04.09.545
    Create a notification for this product.
    AMD AMD EPYC™ 9005 Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD Instinct™ MI300A Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 9V64H Processor Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 8004 Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 4005 Series Processors Unaffected: AMD Chipset Driver 7.04.09.545
    Create a notification for this product.
    Date Public
    2026-05-15 01:49
    Credits
    Reported through AMD Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-48512",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-16T03:56:09.610Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Renoir\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Mendocino\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dragon Range\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael X3D\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors (formerly codenamed \"Castle Peak\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo R\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors (formerly codenamed \"Castle Peak\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors (formerly codenamed \"Castle Peak\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000HX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 300 Series Processors (formerly codenamed \"Strix Point\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors (formerly codenamed \"Chagall\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors (formerly codenamed \"Storm Peak\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors (formerly codenamed \"Storm Peak\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael-X3D\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000 Series Desktop Processors (formerly codenamed \"Granite Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Lucienne\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors (formerly codenamed \"Renoir\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\"/\"Vermeer-X3D\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z1 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Chipset WHQL certified driver - (71252)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded R2000, V2000 Windows\u00ae Chipset drivers (68915)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Chipset WHQL certified driver - (71252)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded R2000, V2000 Windows\u00ae Chipset drivers (68915)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Chipset drivers [7.06.02.123] (68927)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Chipset drivers [7.06.02.123] (68927)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Chipset drivers [7.06.02.123] (68927)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server  Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.14.329"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.14.329"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.14.329"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server  Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI300A Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server  Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9V64H Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server  Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server  Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 7.04.09.545"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Reported through AMD Bug Bounty Program"
            }
          ],
          "datePublic": "2026-05-15T01:49:24.634Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.\u003cbr\u003e"
                }
              ],
              "value": "Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276  Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T01:50:06.870Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-48512",
        "datePublished": "2026-05-15T01:45:05.943Z",
        "dateReserved": "2025-05-22T16:34:07.747Z",
        "dateUpdated": "2026-05-16T03:56:09.610Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-0045 (GCVE-0-2025-0045)

    Vulnerability from nvd – Published: 2026-05-15 01:47 – Updated: 2026-05-15 13:35
    VLAI
    Summary
    Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Z1 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 9000HX Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ AI Max 300 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 9000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 9000 Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 7000 Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Z2 Series Processors Extreme Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ AI 300 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 2000 Mobile Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Catalyst™ WHQL certified driver (71251)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: Q2- 2025 AMD Embedded R2000, V2000 Windows® Catalyst™ WHQL certified driver (68914)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Catalyst™ WHQL certified driver (71251)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: Q2- 2025 AMD Embedded R2000, V2000 Windows® Catalyst™ WHQL certified driver (68914)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 9000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9005 Series Processors Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 4005 Series Processors Unaffected: AM5 Windows Chipset Drivers with Digital Signature Fix (64284)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 4004 Series Processors Unaffected: AM5 Windows Chipset Drivers with Digital Signature Fix (64284)
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Processors Unaffected: AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD EPYC™ 4005 Series Processors Unaffected: AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    Date Public
    2026-05-15 01:44
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0045",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T13:35:07.970276Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T13:35:15.206Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics\r\nRyzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z1 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000HX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 9000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 9000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z2 Series Processors Extreme",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 2000 Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 4005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            }
          ],
          "datePublic": "2026-05-15T01:44:38.142Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service\u003cbr\u003e"
                }
              ],
              "value": "Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "CWE-120  Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T01:47:31.317Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-0045",
        "datePublished": "2026-05-15T01:47:31.317Z",
        "dateReserved": "2024-11-21T16:18:13.504Z",
        "dateUpdated": "2026-05-15T13:35:15.206Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-61972 (GCVE-0-2025-61972)

    Vulnerability from nvd – Published: 2026-05-13 03:03 – Updated: 2026-05-14 03:56
    VLAI
    Summary
    Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest's confidentiality and integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1233 - Security-Sensitive Hardware Controls with Missing Lock Bit Protection
    Assigner
    AMD
    Date Public
    2026-05-13 03:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61972",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-14T03:56:03.690Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI_1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004  Series Processors (formerly codenamed \"Genoa\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedTurinPI_SP5_1004"
                }
              ]
            }
          ],
          "datePublic": "2026-05-13T03:00:40.598Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest\u0027s confidentiality and integrity. \u003cbr\u003e"
                }
              ],
              "value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest\u0027s confidentiality and integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1233",
                  "description": "CWE-1233  Security-Sensitive Hardware Controls with Missing Lock Bit Protection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T03:03:31.455Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-61972",
        "datePublished": "2026-05-13T03:03:31.455Z",
        "dateReserved": "2025-10-04T18:09:57.018Z",
        "dateUpdated": "2026-05-14T03:56:03.690Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-61971 (GCVE-0-2025-61971)

    Vulnerability from nvd – Published: 2026-05-13 03:02 – Updated: 2026-05-13 14:37
    VLAI
    Summary
    Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1233 - Security-Sensitive Hardware Controls with Missing Lock Bit Protection
    Assigner
    AMD
    Date Public
    2026-05-13 03:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61971",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T14:37:29.592995Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-13T14:37:35.830Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI-SP3_1.0.0.J"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI_1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004  Series Processors (formerly codenamed \"Genoa\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedTurinPI_SP5_1004"
                }
              ]
            }
          ],
          "datePublic": "2026-05-13T03:00:33.777Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity.\u003cbr\u003e"
                }
              ],
              "value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1233",
                  "description": "CWE-1233  Security-Sensitive Hardware Controls with Missing Lock Bit Protection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T03:02:55.705Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-61971",
        "datePublished": "2026-05-13T03:02:55.705Z",
        "dateReserved": "2025-10-04T18:09:57.018Z",
        "dateUpdated": "2026-05-13T14:37:35.830Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-54502 (GCVE-0-2025-54502)

    Vulnerability from nvd – Published: 2026-04-16 18:46 – Updated: 2026-06-30 12:07
    VLAI
    Summary
    Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-668 - Exposure of Resource to Wrong Sphere
    • CWE-648 - Incorrect Use of Privileged APIs
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 9004 Series Processors Unaffected: GenoaPI_1.0.0.H
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: MilanPI-SP3_1.0.0.J
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Unaffected: Rome-1.0.0.P
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Processors Unaffected: ComboAM5PI 1.0.0.d
    Create a notification for this product.
    AMD AMD EPYC™ 9005 Series Processors Unaffected: TurinPI-SP5_1.0.0.9
    Create a notification for this product.
    AMD AMD Instinct™ MI300A Series Processors Unaffected: MI300A 1.0.0.C
    Create a notification for this product.
    AMD AMD EPYC™ 9V64H Processor Unaffected: MI300C 1.0.0.3
    Create a notification for this product.
    AMD AMD EPYC™ 8004 Series Processors Unaffected: GenoaPI_1.0.0.H
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.Ed
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_1.0.0.Bg
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5_1.0.1.2e
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7_1.2.0.0f
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6_1.0.0.7g
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Unaffected: DragonRangeFL1PI 1.0.0.3k
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5PI 1.0.0.d
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.10
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6_1.0.1.1d
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.I
    Create a notification for this product.
    AMD AMD Ryzen™ 9000HX Series Processors Unaffected: FireRangeFL1PI 1.0.0.0d
    Create a notification for this product.
    AMD AMD Ryzen™ AI 300 Series Processors Unaffected: StrixKrackanPI-FP8_1.1.0.0e
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: StormPeakPI-SP6 1.0.0.1m
    Unaffected: StormPeakPI-SP6_1.1.0.0k
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5PI 1.1.0.3f
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5PI 1.2.0.3h
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: ComboAM5PI 1.1.0.3f
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: ComboAM5PI 1.2.0.3h
    Create a notification for this product.
    AMD AMD Ryzen™ 9000 Series Desktop Processors Unaffected: ComboAM5PI 1.2.0.3h
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6_1.0.1.1d
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.10
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.10
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.10
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.10
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7_1.2.0.0f
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5_1.0.1.2e
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_1.0.0.Bg
    Create a notification for this product.
    AMD AMD Ryzen™ AI Max 300 Series Processors Unaffected: StrixHaloPI-FP11_1.0.0.2a
    Create a notification for this product.
    AMD AMD Ryzen™ Z1 Series Processors Unaffected: StrixKrackanPI-FP8_1.1.0.0e
    Unaffected: PhoenixPI-FP8-FP7_1.2.0.0f
    Create a notification for this product.
    AMD AMD Ryzen™ Z2 Series Processors Extreme Unaffected: StrixKrackanPI-FP8_1.1.0.0e
    Create a notification for this product.
    AMD AMD Ryzen™ Z2 Series Processors Unaffected: PhoenixPI-FP8-FP7_1.2.0.0f
    Create a notification for this product.
    AMD AMD Ryzen™ Z2 Series Processors Go Unaffected: RembrandtPI-FP7_1.0.0.Bg
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: ShimadaPeakPI-SP6 1.0.0.1c
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 7000 Processors Unaffected: ShimadaPeakPI-SP6 1.0.0.1c
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 9000 Processors Unaffected: ShimadaPeakPI-SP6 1.0.0.1c
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors Unaffected: ShimadaPeakPI-SP6 1.0.0.1c
    Create a notification for this product.
    AMD AMD Ryzen™ AI 300 Series Processors Unaffected: StrixKrackanPI-FP8_1.1.0.2d
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael") Unaffected: ComboAM5PI 1.2.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix") Unaffected: ComboAM5PI 1.2.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ 9000 Series Desktop Processors (formerly codenamed "Granite Ridge") Unaffected: ComboAM5PI 1.2.8.0
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Unaffected: EmbMilanPI-SP3 1.0.0.D
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa") Unaffected: EmbGenoaPI-SP5 1.0.0.D
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Unaffected: EmbRomePI-SP3 1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1213
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1008
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") Unaffected: EmbeddedPI-FP5 1213
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6_1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: Embedded-PI_FP7r2 1012
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo") Unaffected: EmbGenoaPI-SP5 1.0.0.D
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Unaffected: EmbGenoaPI-SP5 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 9000 Series Processors Unaffected: EmbeddedAM5PI 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Series Processors Unaffected: EmbeddedPhoenixPI-FP7r2_1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: EmbeddedAM5PI 1.0.0.7
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9005 Series Processors Unaffected: EmbeddedTurinPI_SP5_1004
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Date Public
    2026-04-16 18:45
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-54502",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-17T03:55:16.268Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-16T18:46:13.377Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the AMD Platform Configuration Blob (APCB) SMM driver. A privileged attacker with local access (Ring 0) can exploit an incorrect use of a boot service. This vulnerability may allow the attacker to achieve privilege escalation, potentially leading to arbitrary code execution."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "HIGH",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-648",
                    "description": "Incorrect Use of Privileged APIs",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:18.620Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2025-54502"
              },
              {
                "name": "RHBZ#2459023",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2459023"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-54502.json"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-16T20:00:50.766Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-16T18:46:13.377Z",
                "value": "Made public."
              }
            ],
            "title": "AMD Platform Configuration Blob: APCB SMM driver: kernel: linux-firmware: AMD APCB SMM driver: Arbitrary Code Execution via incorrect boot service use",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI-SP3_1.0.0.J"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Rome-1.0.0.P"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.0.0.d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI-SP5_1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI300A Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MI300A 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9V64H Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MI300C 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.Ed"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_1.0.0.Bg"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5_1.0.1.2e"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7_1.2.0.0f"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6_1.0.0.7g"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1PI 1.0.0.3k"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.0.0.d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.10"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6_1.0.1.1d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.I"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000HX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "FireRangeFL1PI 1.0.0.0d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixKrackanPI-FP8_1.1.0.0e"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6 1.0.0.1m"
                },
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6_1.1.0.0k"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3f"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.3h"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3f"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.3h"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.3h"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6_1.0.1.1d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6_1.0.1.1d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.10"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.10"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.10"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.10"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7_1.2.0.0f"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5_1.0.1.2e"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_1.0.0.Bg"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixHaloPI-FP11_1.0.0.2a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z1 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixKrackanPI-FP8_1.1.0.0e"
                },
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7_1.2.0.0f"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z2 Series Processors Extreme",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixKrackanPI-FP8_1.1.0.0e"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z2 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7_1.2.0.0f"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z2 Series Processors Go",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_1.0.0.Bg"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ShimadaPeakPI-SP6 1.0.0.1c"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 7000  Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ShimadaPeakPI-SP6 1.0.0.1c"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 9000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ShimadaPeakPI-SP6 1.0.0.1c"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 9000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ShimadaPeakPI-SP6 1.0.0.1c"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixKrackanPI-FP8_1.1.0.2d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000 Series Desktop Processors (formerly codenamed \"Granite Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3 1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1213"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1008"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1213"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Embedded-PI_FP7r2 1012"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPhoenixPI-FP7r2_1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedTurinPI_SP5_1004"
                }
              ]
            }
          ],
          "datePublic": "2026-04-16T18:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eIncorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.\u003c/div\u003e"
                }
              ],
              "value": "Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-668",
                  "description": "CWE-668  Exposure of Resource to Wrong Sphere",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-16T19:12:58.645Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-7054.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-54502",
        "datePublished": "2026-04-16T18:46:13.377Z",
        "dateReserved": "2025-07-23T15:01:50.731Z",
        "dateUpdated": "2026-06-30T12:07:18.620Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-54510 (GCVE-0-2025-54510)

    Vulnerability from nvd – Published: 2026-04-16 18:44 – Updated: 2026-05-13 03:14
    VLAI
    Summary
    A missing lock verification in AMD Secure Processor (ASP) firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based products, potentially compromising guest system integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    AMD
    Date Public
    2026-05-13 03:13
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-54510",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-16T18:56:03.988813Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-16T18:56:45.675Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI-SP3_1.0.0.J"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI_1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004  Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedTurinPI_SP5_1004"
                }
              ]
            }
          ],
          "datePublic": "2026-05-13T03:13:40.572Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A missing lock verification in AMD Secure Processor (ASP) firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based products, potentially compromising guest system integrity.\u003cbr\u003e"
                }
              ],
              "value": "A missing lock verification in AMD Secure Processor (ASP) firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based products, potentially compromising guest system integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-414",
                  "description": "CWE-414  Missing Lock Check",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T03:14:06.848Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3034.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-54510",
        "datePublished": "2026-04-16T18:44:10.182Z",
        "dateReserved": "2025-07-23T15:01:50.734Z",
        "dateUpdated": "2026-05-13T03:14:06.848Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-31364 (GCVE-0-2023-31364)

    Vulnerability from nvd – Published: 2026-02-26 20:33 – Updated: 2026-02-27 19:06
    VLAI
    Summary
    Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Processors Unaffected: NaplesPI 1.0.0.R
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Unaffected: RomePI 1.0.0.N
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: MilanPI 1.0.0.H
    Create a notification for this product.
    AMD AMD EPYC™ 8004 Series Processors Unaffected: GenoaPI 1.0.0.G
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Unaffected: GenoaPI 1.0.0.G
    Create a notification for this product.
    AMD AMD EPYC™ 9005 Series Processors Unaffected: TurinPI 1.0.0.7
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Unaffected: SnowyOwl_SP4_SP4r2.1.1.0.H
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Unaffected: EmbRomePI-SP3 1.0.0.F
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Unaffected: EmbMilanPI-SP3 v9 1.0.0.C
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Affected: EmbGenoaPI-SP5 1.0.0.B
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Series Processor Affected: EmbGenoaPI-SP5 1.0.0.B
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9005 Series Processors Unaffected: EmbTurinPI-SP5 1.0.0.1
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-31364",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-27T19:05:49.436981Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-27T19:06:16.269Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "NaplesPI 1.0.0.R"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RomePI 1.0.0.N"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.G"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.G"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "SnowyOwl_SP4_SP4r2.1.1.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3 1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 v9 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5 1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(248, 249, 250);\"\u003eImproper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service.\u003c/span\u003e"
                }
              ],
              "value": "Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-26T20:33:28.086Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7059.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-31364",
        "datePublished": "2026-02-26T20:33:28.086Z",
        "dateReserved": "2023-04-27T15:25:41.429Z",
        "dateUpdated": "2026-02-27T19:06:16.269Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-54514 (GCVE-0-2025-54514)

    Vulnerability from nvd – Published: 2026-02-10 19:13 – Updated: 2026-02-11 15:05
    VLAI
    Summary
    Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1189 - Improper Isolation of Shared Resources on System-on-a-Chip (SoC)
    Assigner
    AMD
    Date Public
    2026-02-10 19:44
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-54514",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-11T15:05:43.681802Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-11T15:05:51.951Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000HX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "FireRangeFL1 PI-1.0.0.0d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixKrackanPI-FP8_1.1.0.0d"
                },
                {
                  "status": "unaffected",
                  "version": "GorgonPI-FP8_1.0.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 PI 1.2.0.3h"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixHaloPI-FP11_1.0.0.1c"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z2 Series Processors Extreme",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixKrackanPI-FP8_1.1.0.0d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 400 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GorgonPI-FP8_1.0.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 9000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ShimadaPeakPI-SP6_1.0.0.1b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 9000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ShimadaPeakPI-SP6_1.0.0.1b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5_1.0.0.1"
                }
              ]
            }
          ],
          "datePublic": "2026-02-10T19:44:04.221Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity.\u003cbr\u003e"
                }
              ],
              "value": "Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1189",
                  "description": "CWE-1189  Improper Isolation of Shared Resources on System-on-a-Chip (SoC)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T19:52:04.523Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-54514",
        "datePublished": "2026-02-10T19:13:52.680Z",
        "dateReserved": "2025-07-23T15:01:52.882Z",
        "dateUpdated": "2026-02-11T15:05:51.951Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-52536 (GCVE-0-2025-52536)

    Vulnerability from nvd – Published: 2026-02-10 19:09 – Updated: 2026-02-10 21:12
    VLAI
    Summary
    Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1231 - Improper Prevention of Lock Bit Modification
    Assigner
    AMD
    Date Public
    2026-02-10 19:05
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-52536",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-10T21:11:49.506703Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-10T21:12:03.165Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.G"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.G"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 v9 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5_1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            }
          ],
          "datePublic": "2026-02-10T19:05:32.239Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.\u003cbr\u003e"
                }
              ],
              "value": "Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1231",
                  "description": "CWE-1231  Improper Prevention of Lock Bit Modification",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T19:09:04.084Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-52536",
        "datePublished": "2026-02-10T19:09:04.084Z",
        "dateReserved": "2025-06-17T16:53:10.413Z",
        "dateUpdated": "2026-02-10T21:12:03.165Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-48517 (GCVE-0-2025-48517)

    Vulnerability from nvd – Published: 2026-02-10 19:08 – Updated: 2026-02-10 21:17
    VLAI
    Summary
    Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1220 - Insufficient Granularity of Access Control
    Assigner
    AMD
    Impacted products
    Date Public
    2026-02-10 19:05
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-48517",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-10T21:12:25.945690Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-10T21:17:00.925Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5_1.0.0.1"
                }
              ]
            }
          ],
          "datePublic": "2026-02-10T19:05:28.562Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality. \u003cbr\u003e"
                }
              ],
              "value": "Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1220",
                  "description": "CWE-1220  Insufficient Granularity of Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T19:08:21.524Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-48517",
        "datePublished": "2026-02-10T19:08:21.524Z",
        "dateReserved": "2025-05-22T16:34:07.748Z",
        "dateUpdated": "2026-02-10T21:17:00.925Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-48514 (GCVE-0-2025-48514)

    Vulnerability from nvd – Published: 2026-02-10 19:14 – Updated: 2026-02-11 14:54
    VLAI
    Summary
    Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1220 - Insufficient Granularity of Access Control
    Assigner
    AMD
    Date Public
    2026-02-10 19:06
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-48514",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-11T14:53:48.498282Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-11T14:54:00.307Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Genoa++_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Genoa++_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 v9 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5_1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.C"
                }
              ]
            }
          ],
          "datePublic": "2026-02-10T19:06:14.020Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality. \u003cbr\u003e"
                }
              ],
              "value": "Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1220",
                  "description": "CWE-1220  Insufficient Granularity of Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T19:14:22.874Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-48514",
        "datePublished": "2026-02-10T19:14:22.874Z",
        "dateReserved": "2025-05-22T16:34:07.747Z",
        "dateUpdated": "2026-02-11T14:54:00.307Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-48509 (GCVE-0-2025-48509)

    Vulnerability from nvd – Published: 2026-02-10 19:13 – Updated: 2026-02-11 15:06
    VLAI
    Summary
    Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-665 - Improper Initialization
    Assigner
    AMD
    Date Public
    2026-02-10 19:06
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-48509",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-11T15:06:41.118936Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-11T15:06:51.268Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 v9 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5_1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            }
          ],
          "datePublic": "2026-02-10T19:06:05.568Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity\u003cbr\u003e"
                }
              ],
              "value": "Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "baseScore": 1.8,
                "baseSeverity": "LOW",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-665",
                  "description": "CWE-665  Improper Initialization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T19:13:21.993Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-48509",
        "datePublished": "2026-02-10T19:13:21.993Z",
        "dateReserved": "2025-05-22T16:34:02.896Z",
        "dateUpdated": "2026-02-11T15:06:51.268Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-29952 (GCVE-0-2025-29952)

    Vulnerability from nvd – Published: 2026-02-10 19:09 – Updated: 2026-02-10 21:06
    VLAI
    Summary
    Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-457 - Use of Uninitialized Variable
    Assigner
    AMD
    Impacted products
    Date Public
    2026-02-10 19:05
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-29952",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-10T21:04:35.808430Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-10T21:06:53.932Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5_1.0.0.1"
                }
              ]
            }
          ],
          "datePublic": "2026-02-10T19:05:36.389Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity\u003cbr\u003e"
                }
              ],
              "value": "Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-457",
                  "description": "CWE-457  Use of Uninitialized Variable",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T19:09:37.854Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-29952",
        "datePublished": "2026-02-10T19:09:37.854Z",
        "dateReserved": "2025-03-12T15:15:04.911Z",
        "dateUpdated": "2026-02-10T21:06:53.932Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-29950 (GCVE-0-2025-29950)

    Vulnerability from nvd – Published: 2026-02-10 19:10 – Updated: 2026-02-26 14:44
    VLAI
    Summary
    Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1274 - Improper Access Control for Volatile Memory Containing Boot Code
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 9004 Series Processors Unaffected: GenoaPI 1.0.0.G
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: MilanPI 1.0.0.H
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Unaffected: RomePI 1.0.0.N
    Create a notification for this product.
    AMD AMD EPYC™ 7001 Series Processors Unaffected: NaplesPI 1.0.0.R
    Create a notification for this product.
    AMD AMD EPYC™ 9005 Series Processors Unaffected: TurinPI 1.0.0.6
    Create a notification for this product.
    AMD AMD Instinct™ MI300A Unaffected: MI300A 1.0.0.B
    Create a notification for this product.
    AMD AMD EPYC™ 9V64H Processor Unaffected: MI300C 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.C
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.I
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 7000 Processors Unaffected: StormPeakPI-SP6_1.0.0.1l
    Unaffected: ShimadaPeakPI-SP6_1.0.0.1
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: StormPeakPI-SP6_1.1.0.0j
    Unaffected: ShimadaPeakPI-SP6_1.0.0.1
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 9000 Processors Unaffected: ShimadaPeakPI-SP6_1.0.0.1
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors Unaffected: ShimadaPeakPI-SP6_1.0.0.1
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Unaffected: EmbMilanPI-SP3 v9 1.0.0.C
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa") Unaffected: EmbGenoaPI-SP5 1.0.0.B
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Unaffected: EmbRomePI-SP3 1.0.0.F
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Unaffected: SnowyOwl_SP4_SP4r2.1.1.0.H
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9005 Series Processors Unaffected: EmbTurinPI-SP5_1.0.0.1
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo") Unaffected: EmbGenoaPI-SP5 1.0.0.B
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Unaffected: EmbGenoaPI-SP5 1.0.0.B
    Create a notification for this product.
    Date Public
    2026-02-10 19:44
    Credits
    Reported through AMD Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-29950",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-11T04:56:51.935528Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T14:44:29.765Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.G"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RomePI 1.0.0.N"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "NaplesPI 1.0.0.R"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI300A",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MI300A 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9V64H Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MI300C 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.C"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.I"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6_1.0.0.1l"
                },
                {
                  "status": "unaffected",
                  "version": "ShimadaPeakPI-SP6_1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6_1.1.0.0j"
                },
                {
                  "status": "unaffected",
                  "version": "ShimadaPeakPI-SP6_1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 9000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ShimadaPeakPI-SP6_1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 9000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ShimadaPeakPI-SP6_1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 v9 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3 1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "SnowyOwl_SP4_SP4r2.1.1.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5_1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Reported through AMD Bug Bounty Program"
            }
          ],
          "datePublic": "2026-02-10T19:44:00.496Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.\u003cbr\u003e"
                }
              ],
              "value": "Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1274",
                  "description": "CWE-1274  Improper Access Control for Volatile Memory Containing Boot Code",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T19:51:27.430Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-29950",
        "datePublished": "2026-02-10T19:10:28.112Z",
        "dateReserved": "2025-03-12T15:15:04.911Z",
        "dateUpdated": "2026-02-26T14:44:29.765Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-29948 (GCVE-0-2025-29948)

    Vulnerability from nvd – Published: 2026-02-10 19:07 – Updated: 2026-02-11 15:08
    VLAI
    Summary
    Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges
    Assigner
    AMD
    Impacted products
    Date Public
    2026-02-10 19:05
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-29948",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-11T15:08:32.287125Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-11T15:08:46.377Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5_1.0.0.1"
                }
              ]
            }
          ],
          "datePublic": "2026-02-10T19:05:24.613Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity. \u003cbr\u003e"
                }
              ],
              "value": "Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1260",
                  "description": "CWE-1260  Improper Handling of Overlap Between Protected Memory Ranges",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T19:07:53.130Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-29948",
        "datePublished": "2026-02-10T19:07:53.130Z",
        "dateReserved": "2025-03-12T15:15:04.911Z",
        "dateUpdated": "2026-02-11T15:08:46.377Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-29946 (GCVE-0-2025-29946)

    Vulnerability from nvd – Published: 2026-02-10 19:15 – Updated: 2026-02-10 21:42
    VLAI
    Summary
    Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1301 - Insufficient or Incomplete Data Removal within Hardware Component
    Assigner
    AMD
    Impacted products
    Date Public
    2026-02-10 19:06
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-29946",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-10T21:42:05.305770Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-10T21:42:14.335Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5_1.0.0.1"
                }
              ]
            }
          ],
          "datePublic": "2026-02-10T19:06:26.694Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn\u0027t fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory.\u003cbr\u003e"
                }
              ],
              "value": "Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn\u0027t fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "baseScore": 4.5,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1301",
                  "description": "CWE-1301  Insufficient or Incomplete Data Removal within Hardware Component",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T19:15:57.179Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-29946",
        "datePublished": "2026-02-10T19:15:57.179Z",
        "dateReserved": "2025-03-12T15:15:04.910Z",
        "dateUpdated": "2026-02-10T21:42:14.335Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-29939 (GCVE-0-2025-29939)

    Vulnerability from nvd – Published: 2026-02-10 19:11 – Updated: 2026-02-10 20:59
    VLAI
    Summary
    Improper access control in secure encrypted virtualization (SEV) could allow a privileged attacker to write to the reverse map page (RMP) during secure nested paging (SNP) initialization, potentially resulting in a loss of guest memory confidentiality and integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    AMD
    Date Public
    2026-02-10 19:05
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-29939",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-10T20:58:44.995177Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-10T20:59:47.124Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.G"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.G"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 v9 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5_1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            }
          ],
          "datePublic": "2026-02-10T19:05:53.427Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper access control in secure encrypted virtualization (SEV) could allow a privileged attacker to write to the reverse map page (RMP) during secure nested paging (SNP) initialization, potentially resulting in a loss of guest memory confidentiality and integrity.\u003cbr\u003e"
                }
              ],
              "value": "Improper access control in secure encrypted virtualization (SEV) could allow a privileged attacker to write to the reverse map page (RMP) during secure nested paging (SNP) initialization, potentially resulting in a loss of guest memory confidentiality and integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284  Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T19:11:59.059Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-29939",
        "datePublished": "2026-02-10T19:11:59.059Z",
        "dateReserved": "2025-03-12T15:14:59.391Z",
        "dateUpdated": "2026-02-10T20:59:47.124Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-0031 (GCVE-0-2025-0031)

    Vulnerability from nvd – Published: 2026-02-10 19:14 – Updated: 2026-02-11 14:51
    VLAI
    Summary
    A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    AMD
    Date Public
    2026-02-10 19:06
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0031",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-11T14:50:57.825281Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-11T14:51:07.017Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.G"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.G"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 v9 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9003  Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5_1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            }
          ],
          "datePublic": "2026-02-10T19:06:18.567Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity.\u003cbr\u003e"
                }
              ],
              "value": "A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416  Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T19:14:58.027Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-0031",
        "datePublished": "2026-02-10T19:14:58.027Z",
        "dateReserved": "2024-11-21T16:17:56.201Z",
        "dateUpdated": "2026-02-11T14:51:07.017Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-0029 (GCVE-0-2025-0029)

    Vulnerability from nvd – Published: 2026-02-10 19:15 – Updated: 2026-02-11 14:49
    VLAI
    Summary
    Improper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writes, potentially resulting in a loss of SEV-SNP guest memory integrity
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-390 - Detection of Error Condition Without Action
    Assigner
    AMD
    Impacted products
    Date Public
    2026-02-10 19:06
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0029",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-11T14:49:03.864464Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-11T14:49:13.248Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5_1.0.0.0"
                }
              ]
            }
          ],
          "datePublic": "2026-02-10T19:06:22.834Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writes, potentially resulting in a loss of SEV-SNP guest memory integrity\u003cbr\u003e"
                }
              ],
              "value": "Improper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writes, potentially resulting in a loss of SEV-SNP guest memory integrity"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "baseScore": 1.8,
                "baseSeverity": "LOW",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-390",
                  "description": "CWE-390  Detection of Error Condition Without Action",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T19:15:24.850Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-0029",
        "datePublished": "2026-02-10T19:15:24.850Z",
        "dateReserved": "2024-11-21T16:17:42.396Z",
        "dateUpdated": "2026-02-11T14:49:13.248Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-54509 (GCVE-0-2025-54509)

    Vulnerability from cvelistv5 – Published: 2026-06-09 17:22 – Updated: 2026-06-09 18:57
    VLAI
    Summary
    Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor (ASP) potentially resulting in loss of integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1262 - Register Interface Allows Software Access to Sensitive Data or Security Settings
    Assigner
    AMD
    Date Public
    2026-06-09 17:22
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-54509",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T18:56:45.465105Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T18:57:03.527Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI_1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedTurinPI_SP5_1004"
                }
              ]
            }
          ],
          "datePublic": "2026-06-09T17:22:07.835Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor (ASP) potentially resulting in loss of integrity.\u003cbr\u003e"
                }
              ],
              "value": "Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor (ASP) potentially resulting in loss of integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1262",
                  "description": "CWE-1262  Register Interface Allows Software Access to Sensitive Data or Security Settings",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T17:22:26.026Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3039.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-54509",
        "datePublished": "2026-06-09T17:22:26.026Z",
        "dateReserved": "2025-07-23T15:01:50.734Z",
        "dateUpdated": "2026-06-09T18:57:03.527Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-0045 (GCVE-0-2025-0045)

    Vulnerability from cvelistv5 – Published: 2026-05-15 01:47 – Updated: 2026-05-15 13:35
    VLAI
    Summary
    Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Z1 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 9000HX Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ AI Max 300 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 9000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 9000 Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 7000 Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Z2 Series Processors Extreme Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ AI 300 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 2000 Mobile Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Catalyst™ WHQL certified driver (71251)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: Q2- 2025 AMD Embedded R2000, V2000 Windows® Catalyst™ WHQL certified driver (68914)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Catalyst™ WHQL certified driver (71251)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: Q2- 2025 AMD Embedded R2000, V2000 Windows® Catalyst™ WHQL certified driver (68914)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 9000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9005 Series Processors Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 4005 Series Processors Unaffected: AM5 Windows Chipset Drivers with Digital Signature Fix (64284)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 4004 Series Processors Unaffected: AM5 Windows Chipset Drivers with Digital Signature Fix (64284)
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Processors Unaffected: AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD EPYC™ 4005 Series Processors Unaffected: AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    Date Public
    2026-05-15 01:44
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0045",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T13:35:07.970276Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T13:35:15.206Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics\r\nRyzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z1 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000HX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 9000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 9000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z2 Series Processors Extreme",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 2000 Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 4005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            }
          ],
          "datePublic": "2026-05-15T01:44:38.142Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service\u003cbr\u003e"
                }
              ],
              "value": "Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "CWE-120  Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T01:47:31.317Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-0045",
        "datePublished": "2026-05-15T01:47:31.317Z",
        "dateReserved": "2024-11-21T16:18:13.504Z",
        "dateUpdated": "2026-05-15T13:35:15.206Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0432 (GCVE-0-2026-0432)

    Vulnerability from cvelistv5 – Published: 2026-05-15 01:46 – Updated: 2026-05-16 03:56
    VLAI
    Summary
    Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 9000HX Series Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ AI 300 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 7000 Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 9000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ AI Max 300 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ AI 400 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") Unaffected: Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Unaffected: Q2-2026 AMD Emb Win Chipset drivers[Venice,Turin,Siena](72501)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Series Processors Unaffected: Q1- 2026 AMD Embedded Ryzen7000,Ryzen8000,Ryzen9000 Windows Chipset driver (72244)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: Q1- 2026 AMD Embedded Ryzen7000,Ryzen8000,Ryzen9000 Windows Chipset driver (72244)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9005 Series Processors Unaffected: Q2-2026 AMD Emb Win Chipset drivers[Venice,Turin,Siena](72501)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 9000 Series Processors Unaffected: Q1- 2026 AMD Embedded Ryzen7000,Ryzen8000,Ryzen9000 Windows Chipset driver (72244)
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: AMD Server Software 8.03.14.329
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Unaffected: AMD Server Software 8.03.14.329
    Create a notification for this product.
    AMD AMD EPYC™ 7001 Series Processors Unaffected: AMD Server Software 8.03.14.329
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Processors Unaffected: AMD Chipset Driver 8.01.20.513
    Create a notification for this product.
    AMD AMD EPYC™ 9005 Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD Instinct™ MI300A Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 9V64H Processor Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 8004 Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 4005 Series Processors Unaffected: AMD Chipset Driver 8.01.20.513
    Create a notification for this product.
    Date Public
    2026-05-15 01:44
    Credits
    Reported through AMD Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0432",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-16T03:56:10.732Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000HX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 400 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q1 - 2026 AMD Embedded V1000,R1000,R2000,V2000 Windows Chipset driver (72258)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2-2026 AMD Emb Win Chipset drivers[Venice,Turin,Siena](72501)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q1- 2026 AMD Embedded Ryzen7000,Ryzen8000,Ryzen9000 Windows Chipset driver (72244)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q1- 2026 AMD Embedded Ryzen7000,Ryzen8000,Ryzen9000 Windows Chipset driver (72244)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2-2026 AMD Emb Win Chipset drivers[Venice,Turin,Siena](72501)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q1- 2026 AMD Embedded Ryzen7000,Ryzen8000,Ryzen9000 Windows Chipset driver (72244)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.14.329"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.14.329"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.14.329"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 8.01.20.513"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI300A Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9V64H Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 8.01.20.513"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Reported through AMD Bug Bounty Program"
            }
          ],
          "datePublic": "2026-05-15T01:44:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.\u003cbr\u003e"
                }
              ],
              "value": "Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276  Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T01:46:53.761Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2026-0432",
        "datePublished": "2026-05-15T01:46:24.662Z",
        "dateReserved": "2025-12-06T13:53:34.788Z",
        "dateUpdated": "2026-05-16T03:56:10.732Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-48512 (GCVE-0-2025-48512)

    Vulnerability from cvelistv5 – Published: 2026-05-15 01:45 – Updated: 2026-05-16 03:56
    VLAI
    Summary
    Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Renoir") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Picasso") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics (formerly codenamed "Mendocino") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dragon Range") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael"/"Raphael X3D") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors (formerly codenamed "Matisse") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors (formerly codenamed "Castle Peak") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo R") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Processors (formerly codenamed "Castle Peak") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 9000HX Series Processors Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ AI 300 Series Processors (formerly codenamed "Strix Point") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics (formerly codenamed "Picasso") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors (formerly codenamed "Chagall") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 7000 Processors (formerly codenamed "Storm Peak") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors (formerly codenamed "Storm Peak") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael"/"Raphael-X3D") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 9000 Series Desktop Processors (formerly codenamed "Granite Ridge") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Cezanne") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Lucienne") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors (formerly codenamed "Renoir") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors (formerly codenamed "Vermeer") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics (formerly codenamed "Cezanne") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors (formerly codenamed "Vermeer"/"Vermeer-X3D") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt") Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ AI Max 300 Series Processors Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ Z1 Series Processors Unaffected: 7.04.09.545
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Chipset WHQL certified driver - (71252)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: Q2 - 2025 AMD Embedded R2000, V2000 Windows® Chipset drivers (68915)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Chipset WHQL certified driver - (71252)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: Q2 - 2025 AMD Embedded R2000, V2000 Windows® Chipset drivers (68915)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Chipset drivers [7.06.02.123] (68927)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Chipset drivers [7.06.02.123] (68927)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9005 Series Processors Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 9000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Chipset drivers [7.06.02.123] (68927)
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: AMD Server Software 8.03.14.329
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Unaffected: AMD Server Software 8.03.14.329
    Create a notification for this product.
    AMD AMD EPYC™ 7001 Series Processors Unaffected: AMD Server Software 8.03.14.329
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Processors Unaffected: AMD Chipset Driver 7.04.09.545
    Create a notification for this product.
    AMD AMD EPYC™ 9005 Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD Instinct™ MI300A Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 9V64H Processor Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 8004 Series Processors Unaffected: AMD Server Software 8.03.16.641
    Create a notification for this product.
    AMD AMD EPYC™ 4005 Series Processors Unaffected: AMD Chipset Driver 7.04.09.545
    Create a notification for this product.
    Date Public
    2026-05-15 01:49
    Credits
    Reported through AMD Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-48512",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-16T03:56:09.610Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Renoir\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Mendocino\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dragon Range\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael X3D\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors (formerly codenamed \"Castle Peak\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo R\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors (formerly codenamed \"Castle Peak\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors (formerly codenamed \"Castle Peak\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000HX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 300 Series Processors (formerly codenamed \"Strix Point\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors (formerly codenamed \"Chagall\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors (formerly codenamed \"Storm Peak\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors (formerly codenamed \"Storm Peak\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael-X3D\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000 Series Desktop Processors (formerly codenamed \"Granite Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Lucienne\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors (formerly codenamed \"Renoir\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\"/\"Vermeer-X3D\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z1 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Chipset WHQL certified driver - (71252)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded R2000, V2000 Windows\u00ae Chipset drivers (68915)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Chipset WHQL certified driver - (71252)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded R2000, V2000 Windows\u00ae Chipset drivers (68915)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Chipset drivers [7.06.02.123] (68927)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Chipset drivers [7.06.02.123] (68927)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Chipset drivers [7.06.02.123] (68927)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server  Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.14.329"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.14.329"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server Software 8.03.14.329"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 7.04.09.545"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server  Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI300A Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server  Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9V64H Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server  Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Server  Software 8.03.16.641"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 7.04.09.545"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Reported through AMD Bug Bounty Program"
            }
          ],
          "datePublic": "2026-05-15T01:49:24.634Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.\u003cbr\u003e"
                }
              ],
              "value": "Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276  Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T01:50:06.870Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-48512",
        "datePublished": "2026-05-15T01:45:05.943Z",
        "dateReserved": "2025-05-22T16:34:07.747Z",
        "dateUpdated": "2026-05-16T03:56:09.610Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-61972 (GCVE-0-2025-61972)

    Vulnerability from cvelistv5 – Published: 2026-05-13 03:03 – Updated: 2026-05-14 03:56
    VLAI
    Summary
    Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest's confidentiality and integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1233 - Security-Sensitive Hardware Controls with Missing Lock Bit Protection
    Assigner
    AMD
    Date Public
    2026-05-13 03:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61972",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-14T03:56:03.690Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI_1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004  Series Processors (formerly codenamed \"Genoa\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedTurinPI_SP5_1004"
                }
              ]
            }
          ],
          "datePublic": "2026-05-13T03:00:40.598Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest\u0027s confidentiality and integrity. \u003cbr\u003e"
                }
              ],
              "value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest\u0027s confidentiality and integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1233",
                  "description": "CWE-1233  Security-Sensitive Hardware Controls with Missing Lock Bit Protection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T03:03:31.455Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-61972",
        "datePublished": "2026-05-13T03:03:31.455Z",
        "dateReserved": "2025-10-04T18:09:57.018Z",
        "dateUpdated": "2026-05-14T03:56:03.690Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-61971 (GCVE-0-2025-61971)

    Vulnerability from cvelistv5 – Published: 2026-05-13 03:02 – Updated: 2026-05-13 14:37
    VLAI
    Summary
    Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1233 - Security-Sensitive Hardware Controls with Missing Lock Bit Protection
    Assigner
    AMD
    Date Public
    2026-05-13 03:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61971",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T14:37:29.592995Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-13T14:37:35.830Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI-SP3_1.0.0.J"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI_1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004  Series Processors (formerly codenamed \"Genoa\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedTurinPI_SP5_1004"
                }
              ]
            }
          ],
          "datePublic": "2026-05-13T03:00:33.777Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity.\u003cbr\u003e"
                }
              ],
              "value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1233",
                  "description": "CWE-1233  Security-Sensitive Hardware Controls with Missing Lock Bit Protection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T03:02:55.705Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-61971",
        "datePublished": "2026-05-13T03:02:55.705Z",
        "dateReserved": "2025-10-04T18:09:57.018Z",
        "dateUpdated": "2026-05-13T14:37:35.830Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-54502 (GCVE-0-2025-54502)

    Vulnerability from cvelistv5 – Published: 2026-04-16 18:46 – Updated: 2026-06-30 12:07
    VLAI
    Summary
    Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-668 - Exposure of Resource to Wrong Sphere
    • CWE-648 - Incorrect Use of Privileged APIs
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 9004 Series Processors Unaffected: GenoaPI_1.0.0.H
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: MilanPI-SP3_1.0.0.J
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Unaffected: Rome-1.0.0.P
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Processors Unaffected: ComboAM5PI 1.0.0.d
    Create a notification for this product.
    AMD AMD EPYC™ 9005 Series Processors Unaffected: TurinPI-SP5_1.0.0.9
    Create a notification for this product.
    AMD AMD Instinct™ MI300A Series Processors Unaffected: MI300A 1.0.0.C
    Create a notification for this product.
    AMD AMD EPYC™ 9V64H Processor Unaffected: MI300C 1.0.0.3
    Create a notification for this product.
    AMD AMD EPYC™ 8004 Series Processors Unaffected: GenoaPI_1.0.0.H
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.Ed
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_1.0.0.Bg
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5_1.0.1.2e
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7_1.2.0.0f
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6_1.0.0.7g
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Unaffected: DragonRangeFL1PI 1.0.0.3k
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5PI 1.0.0.d
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.10
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6_1.0.1.1d
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.I
    Create a notification for this product.
    AMD AMD Ryzen™ 9000HX Series Processors Unaffected: FireRangeFL1PI 1.0.0.0d
    Create a notification for this product.
    AMD AMD Ryzen™ AI 300 Series Processors Unaffected: StrixKrackanPI-FP8_1.1.0.0e
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: StormPeakPI-SP6 1.0.0.1m
    Unaffected: StormPeakPI-SP6_1.1.0.0k
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5PI 1.1.0.3f
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5PI 1.2.0.3h
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: ComboAM5PI 1.1.0.3f
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: ComboAM5PI 1.2.0.3h
    Create a notification for this product.
    AMD AMD Ryzen™ 9000 Series Desktop Processors Unaffected: ComboAM5PI 1.2.0.3h
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6_1.0.1.1d
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.10
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.10
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.10
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.10
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7_1.2.0.0f
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5_1.0.1.2e
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_1.0.0.Bg
    Create a notification for this product.
    AMD AMD Ryzen™ AI Max 300 Series Processors Unaffected: StrixHaloPI-FP11_1.0.0.2a
    Create a notification for this product.
    AMD AMD Ryzen™ Z1 Series Processors Unaffected: StrixKrackanPI-FP8_1.1.0.0e
    Unaffected: PhoenixPI-FP8-FP7_1.2.0.0f
    Create a notification for this product.
    AMD AMD Ryzen™ Z2 Series Processors Extreme Unaffected: StrixKrackanPI-FP8_1.1.0.0e
    Create a notification for this product.
    AMD AMD Ryzen™ Z2 Series Processors Unaffected: PhoenixPI-FP8-FP7_1.2.0.0f
    Create a notification for this product.
    AMD AMD Ryzen™ Z2 Series Processors Go Unaffected: RembrandtPI-FP7_1.0.0.Bg
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: ShimadaPeakPI-SP6 1.0.0.1c
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 7000 Processors Unaffected: ShimadaPeakPI-SP6 1.0.0.1c
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 9000 Processors Unaffected: ShimadaPeakPI-SP6 1.0.0.1c
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors Unaffected: ShimadaPeakPI-SP6 1.0.0.1c
    Create a notification for this product.
    AMD AMD Ryzen™ AI 300 Series Processors Unaffected: StrixKrackanPI-FP8_1.1.0.2d
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael") Unaffected: ComboAM5PI 1.2.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix") Unaffected: ComboAM5PI 1.2.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ 9000 Series Desktop Processors (formerly codenamed "Granite Ridge") Unaffected: ComboAM5PI 1.2.8.0
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Unaffected: EmbMilanPI-SP3 1.0.0.D
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa") Unaffected: EmbGenoaPI-SP5 1.0.0.D
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Unaffected: EmbRomePI-SP3 1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1213
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1008
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") Unaffected: EmbeddedPI-FP5 1213
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6_1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: Embedded-PI_FP7r2 1012
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo") Unaffected: EmbGenoaPI-SP5 1.0.0.D
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Unaffected: EmbGenoaPI-SP5 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 9000 Series Processors Unaffected: EmbeddedAM5PI 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Series Processors Unaffected: EmbeddedPhoenixPI-FP7r2_1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: EmbeddedAM5PI 1.0.0.7
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9005 Series Processors Unaffected: EmbeddedTurinPI_SP5_1004
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Date Public
    2026-04-16 18:45
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-54502",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-17T03:55:16.268Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-16T18:46:13.377Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the AMD Platform Configuration Blob (APCB) SMM driver. A privileged attacker with local access (Ring 0) can exploit an incorrect use of a boot service. This vulnerability may allow the attacker to achieve privilege escalation, potentially leading to arbitrary code execution."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "HIGH",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-648",
                    "description": "Incorrect Use of Privileged APIs",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:18.620Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2025-54502"
              },
              {
                "name": "RHBZ#2459023",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2459023"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-54502.json"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-16T20:00:50.766Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-16T18:46:13.377Z",
                "value": "Made public."
              }
            ],
            "title": "AMD Platform Configuration Blob: APCB SMM driver: kernel: linux-firmware: AMD APCB SMM driver: Arbitrary Code Execution via incorrect boot service use",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI-SP3_1.0.0.J"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Rome-1.0.0.P"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.0.0.d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI-SP5_1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI300A Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MI300A 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9V64H Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MI300C 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.Ed"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_1.0.0.Bg"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5_1.0.1.2e"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7_1.2.0.0f"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6_1.0.0.7g"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1PI 1.0.0.3k"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.0.0.d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.10"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6_1.0.1.1d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.I"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000HX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "FireRangeFL1PI 1.0.0.0d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixKrackanPI-FP8_1.1.0.0e"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6 1.0.0.1m"
                },
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6_1.1.0.0k"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3f"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.3h"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3f"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.3h"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.3h"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6_1.0.1.1d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6_1.0.1.1d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.10"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.10"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.10"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.10"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7_1.2.0.0f"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5_1.0.1.2e"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_1.0.0.Bg"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixHaloPI-FP11_1.0.0.2a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z1 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixKrackanPI-FP8_1.1.0.0e"
                },
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7_1.2.0.0f"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z2 Series Processors Extreme",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixKrackanPI-FP8_1.1.0.0e"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z2 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7_1.2.0.0f"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z2 Series Processors Go",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_1.0.0.Bg"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ShimadaPeakPI-SP6 1.0.0.1c"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 7000  Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ShimadaPeakPI-SP6 1.0.0.1c"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 9000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ShimadaPeakPI-SP6 1.0.0.1c"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 9000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ShimadaPeakPI-SP6 1.0.0.1c"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixKrackanPI-FP8_1.1.0.2d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000 Series Desktop Processors (formerly codenamed \"Granite Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3 1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1213"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1008"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1213"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Embedded-PI_FP7r2 1012"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPhoenixPI-FP7r2_1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedTurinPI_SP5_1004"
                }
              ]
            }
          ],
          "datePublic": "2026-04-16T18:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eIncorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.\u003c/div\u003e"
                }
              ],
              "value": "Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-668",
                  "description": "CWE-668  Exposure of Resource to Wrong Sphere",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-16T19:12:58.645Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-7054.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-54502",
        "datePublished": "2026-04-16T18:46:13.377Z",
        "dateReserved": "2025-07-23T15:01:50.731Z",
        "dateUpdated": "2026-06-30T12:07:18.620Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-54510 (GCVE-0-2025-54510)

    Vulnerability from cvelistv5 – Published: 2026-04-16 18:44 – Updated: 2026-05-13 03:14
    VLAI
    Summary
    A missing lock verification in AMD Secure Processor (ASP) firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based products, potentially compromising guest system integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    AMD
    Date Public
    2026-05-13 03:13
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-54510",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-16T18:56:03.988813Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-16T18:56:45.675Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI-SP3_1.0.0.J"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI_1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI_1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004  Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedTurinPI_SP5_1004"
                }
              ]
            }
          ],
          "datePublic": "2026-05-13T03:13:40.572Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A missing lock verification in AMD Secure Processor (ASP) firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based products, potentially compromising guest system integrity.\u003cbr\u003e"
                }
              ],
              "value": "A missing lock verification in AMD Secure Processor (ASP) firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based products, potentially compromising guest system integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-414",
                  "description": "CWE-414  Missing Lock Check",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T03:14:06.848Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3034.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-54510",
        "datePublished": "2026-04-16T18:44:10.182Z",
        "dateReserved": "2025-07-23T15:01:50.734Z",
        "dateUpdated": "2026-05-13T03:14:06.848Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-31364 (GCVE-0-2023-31364)

    Vulnerability from cvelistv5 – Published: 2026-02-26 20:33 – Updated: 2026-02-27 19:06
    VLAI
    Summary
    Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Processors Unaffected: NaplesPI 1.0.0.R
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Unaffected: RomePI 1.0.0.N
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: MilanPI 1.0.0.H
    Create a notification for this product.
    AMD AMD EPYC™ 8004 Series Processors Unaffected: GenoaPI 1.0.0.G
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Unaffected: GenoaPI 1.0.0.G
    Create a notification for this product.
    AMD AMD EPYC™ 9005 Series Processors Unaffected: TurinPI 1.0.0.7
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Unaffected: SnowyOwl_SP4_SP4r2.1.1.0.H
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Unaffected: EmbRomePI-SP3 1.0.0.F
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Unaffected: EmbMilanPI-SP3 v9 1.0.0.C
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Affected: EmbGenoaPI-SP5 1.0.0.B
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Series Processor Affected: EmbGenoaPI-SP5 1.0.0.B
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9005 Series Processors Unaffected: EmbTurinPI-SP5 1.0.0.1
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-31364",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-27T19:05:49.436981Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-27T19:06:16.269Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "NaplesPI 1.0.0.R"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RomePI 1.0.0.N"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.G"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.G"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "SnowyOwl_SP4_SP4r2.1.1.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3 1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 v9 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5 1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(248, 249, 250);\"\u003eImproper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service.\u003c/span\u003e"
                }
              ],
              "value": "Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-26T20:33:28.086Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7059.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-31364",
        "datePublished": "2026-02-26T20:33:28.086Z",
        "dateReserved": "2023-04-27T15:25:41.429Z",
        "dateUpdated": "2026-02-27T19:06:16.269Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }