Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

CVE-2025-48513 (GCVE-0-2025-48513)

Vulnerability from nvd – Published: 2026-05-15 01:51 – Updated: 2026-05-15 13:29

Summary

Use of uninitialized resource within the AMD Platform Management Framework (PMF) could allow an attacker to read a uninitialized kernel memory resulting in loss of confidentiality or availability.

Severity ?

6.9 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

CWE

CWE-908 - Use of Uninitialized Resource

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

6 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Z1 Series Processors	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: AMD Ryzen™ Chipset Driver 7.06.02.123

Date Public ?

2026-05-15 01:49

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48513",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T13:29:11.062835Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T13:29:54.874Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Z1 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.06.02.123"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:49:57.796Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Use of uninitialized resource within the AMD Platform Management Framework (PMF) could allow an attacker to read a uninitialized kernel memory resulting in loss of confidentiality or availability.\u003cbr\u003e"
            }
          ],
          "value": "Use of uninitialized resource within the AMD Platform Management Framework (PMF) could allow an attacker to read a uninitialized kernel memory resulting in loss of confidentiality or availability."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-908",
              "description": "CWE-908  Use of Uninitialized Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:51:56.314Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-48513",
    "datePublished": "2026-05-15T01:51:56.314Z",
    "dateReserved": "2025-05-22T16:34:07.747Z",
    "dateUpdated": "2026-05-15T13:29:54.874Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-29944 (GCVE-0-2025-29944)

Vulnerability from nvd – Published: 2026-05-15 01:53 – Updated: 2026-05-15 13:28

Summary

A buffer overflow vulnerability within AMD Sensor Fusion Hub Driver can allow a local attacker to write out of bounds, potentially resulting in denial of service or crash

Severity ?

6.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CWE

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

16 products

Vendor	Product	Version
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Renoir")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Picasso")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics (formerly codenamed "Mendocino")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo R")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ AI 300 Series Processors (formerly codenamed "Strix Point")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Cezanne")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Lucienne")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ AI Max 300 Series Processors	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: amd_chipset_software_7.06.02.123.exe
AMD	AMD RYZEN™ Embedded 7000 Series Processors	Unaffected: amd_chipset_software_7.06.02.123.exe

Date Public ?

2026-05-15 01:50

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-29944",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T13:20:41.916908Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T13:28:56.693Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Renoir\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Mendocino\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors (formerly codenamed \"Strix Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Lucienne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd_chipset_software_7.06.02.123.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD RYZEN\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd_chipset_software_7.06.02.123.exe"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:50:27.651Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A buffer overflow vulnerability within AMD Sensor Fusion Hub Driver can allow a local attacker to write out of bounds, potentially resulting in denial of service or crash\u003cbr\u003e"
            }
          ],
          "value": "A buffer overflow vulnerability within AMD Sensor Fusion Hub Driver can allow a local attacker to write out of bounds, potentially resulting in denial of service or crash"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120  Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:53:28.219Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-29944",
    "datePublished": "2026-05-15T01:53:28.219Z",
    "dateReserved": "2025-03-12T15:15:04.910Z",
    "dateUpdated": "2026-05-15T13:28:56.693Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-29937 (GCVE-0-2025-29937)

Vulnerability from nvd – Published: 2026-05-15 01:52 – Updated: 2026-05-15 13:29

Summary

An out of bounds read within the AMD Platform Management Framework (PMF) could allow an attacker to trigger a read of an arbitrary memory location potentially resulting in loss of availability or confidentiality.

Severity ?

5.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

CWE

CWE-125 - Out-of-bounds Read

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

5 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: amd_chipset_software_7.06.02.123.exe

Date Public ?

2026-05-15 01:50

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-29937",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T13:18:04.257721Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T13:29:23.526Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd_chipset_software_7.06.02.123.exe"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:50:15.647Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An out of bounds read within the AMD Platform Management Framework (PMF) could allow an attacker to trigger a read of an arbitrary memory location potentially resulting in loss of availability or confidentiality.\u003cbr\u003e"
            }
          ],
          "value": "An out of bounds read within the AMD Platform Management Framework (PMF) could allow an attacker to trigger a read of an arbitrary memory location potentially resulting in loss of availability or confidentiality."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125  Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:52:48.560Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-29937",
    "datePublished": "2026-05-15T01:52:48.560Z",
    "dateReserved": "2025-03-12T15:14:59.391Z",
    "dateUpdated": "2026-05-15T13:29:23.526Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-29936 (GCVE-0-2025-29936)

Vulnerability from nvd – Published: 2026-05-15 01:52 – Updated: 2026-05-15 13:28

Summary

Improper input validation within the AMD Platform Management Framework (PMF) could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality.

Severity ?

8.4 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H

CWE

CWE-20 - Improper Input Validation

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

7 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ AI 300 Series Processors (formerly codenamed "Strix Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Al Max+	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: amd_chipset_software_7.06.02.123.exe

Date Public ?

2026-05-15 01:50

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-29936",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T13:28:41.081503Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T13:28:48.055Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors (formerly codenamed \"Strix Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Al Max+",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd_chipset_software_7.06.02.123.exe"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:50:04.190Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation within the AMD Platform Management Framework (PMF) could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality.\u003cbr\u003e"
            }
          ],
          "value": "Improper input validation within the AMD Platform Management Framework (PMF) could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20  Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:52:13.641Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-29936",
    "datePublished": "2026-05-15T01:52:13.641Z",
    "dateReserved": "2025-03-12T15:14:59.391Z",
    "dateUpdated": "2026-05-15T13:28:48.055Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-29935 (GCVE-0-2025-29935)

Vulnerability from nvd – Published: 2026-05-15 01:53 – Updated: 2026-05-16 03:56

Summary

An out of bounds write within the AMD Platform Management Framework (PMF) could allow an attacker to execute arbitrary code at an elevated privilege level potentially leading to loss of confidentiality integrity, or availability.

Severity ?

8.4 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H

CWE

CWE-787 - Out-of-bounds Write

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

5 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded R8000 Series Processors	Unaffected: AMD Ryzen™ Chipset Driver 7.06.02.123

Date Public ?

2026-05-15 01:50

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-29935",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-16T03:56:06.233Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.06.02.123"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:50:33.156Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An out of bounds write within the AMD Platform Management Framework (PMF) could allow an attacker to execute arbitrary code at an elevated privilege level potentially leading to loss of confidentiality integrity, or availability.\u003cbr\u003e"
            }
          ],
          "value": "An out of bounds write within the AMD Platform Management Framework (PMF) could allow an attacker to execute arbitrary code at an elevated privilege level potentially leading to loss of confidentiality integrity, or availability."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787  Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:53:42.356Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-29935",
    "datePublished": "2026-05-15T01:53:42.356Z",
    "dateReserved": "2025-03-12T15:14:59.391Z",
    "dateUpdated": "2026-05-16T03:56:06.233Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-0028 (GCVE-0-2025-0028)

Vulnerability from nvd – Published: 2026-05-15 01:52 – Updated: 2026-05-15 13:27

Summary

An unchecked return value within the AMD Platform Management Framework (PMF) could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability.

Severity ?

8.3 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:H/SI:N/SA:H

CWE

CWE-252 - Unchecked Return Value

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

5 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: AMD Ryzen™ Chipset Driver 7.06.02.123

Date Public ?

2026-05-15 01:50

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0028",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T13:25:09.199353Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T13:27:14.509Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.06.02.123"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:50:10.383Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An unchecked return value within the AMD Platform Management Framework (PMF)  could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability.\u003cbr\u003e"
            }
          ],
          "value": "An unchecked return value within the AMD Platform Management Framework (PMF)  could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:H/SI:N/SA:H",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-252",
              "description": "CWE-252  Unchecked Return Value",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:52:29.933Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-0028",
    "datePublished": "2026-05-15T01:52:29.933Z",
    "dateReserved": "2024-11-21T16:17:40.854Z",
    "dateUpdated": "2026-05-15T13:27:14.509Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-52540 (GCVE-0-2025-52540)

Vulnerability from nvd – Published: 2026-05-15 01:51 – Updated: 2026-05-16 03:56

Summary

An improper input validation vulnerability within the AMD Platform Management Framework (PMF) Driver can allow a local attacker to write Out-of-Bounds, potentially resulting in privilege escalation.

Severity ?

8.5 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-787 - Out-of-bounds Write

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

5 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: Graphics driver: version 25.6.1, branch: 25.10.13.01. - Chipset version: 7.06.02.123

Date Public ?

2026-05-15 01:49

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-52540",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-16T03:56:07.368Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Graphics driver: version 25.6.1, branch: 25.10.13.01. - Chipset version: 7.06.02.123"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:49:45.611Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper input validation vulnerability within the AMD Platform Management Framework (PMF) Driver can allow a local attacker to write Out-of-Bounds, potentially resulting in privilege escalation.\u003cbr\u003e"
            }
          ],
          "value": "An improper input validation vulnerability within the AMD Platform Management Framework (PMF) Driver can allow a local attacker to write Out-of-Bounds, potentially resulting in privilege escalation."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787  Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:51:25.234Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-52540",
    "datePublished": "2026-05-15T01:51:25.234Z",
    "dateReserved": "2025-06-17T16:53:10.413Z",
    "dateUpdated": "2026-05-16T03:56:07.368Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-48521 (GCVE-0-2025-48521)

Vulnerability from nvd – Published: 2026-05-15 01:45 – Updated: 2026-05-15 13:32

Summary

Improper input validation in the AMD Secure Processor (ASP) PCI driver could allow a local attacker to trigger a Use-After-Free (UAF) condition, potentially resulting in a loss of platform integrity or crash.

Severity ?

6.9 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-416 - Use After Free

Assigner

AMD

References

2 references

URL	Tags
https://www.amd.com/en/resources/product-security…
https://www.amd.com/en/resources/product-security…

Impacted products

47 products

Vendor	Product	Version
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Renoir")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Picasso")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics (formerly codenamed "Mendocino")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dragon Range")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael"/"Raphael X3D")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 3000 Series Desktop Processors (formerly codenamed "Matisse")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ Threadripper™ PRO 3000WX Processors (formerly codenamed "Castle Peak")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo R")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ Threadripper™ PRO 3000WX Processors (formerly codenamed "Castle Peak")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ Threadripper™ 3000 Processors (formerly codenamed "Castle Peak")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ AI 300 Series Processors (formerly codenamed "Strix Point")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics (formerly codenamed "Picasso")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors (formerly codenamed "Chagall")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ Threadripper™ 7000 Processors (formerly codenamed "Storm Peak")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors (formerly codenamed "Storm Peak")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael"/"Raphael-X3D")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 9000 Series Desktop Processors (formerly codenamed "Granite Ridge")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Cezanne")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Lucienne")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 4000 Series Desktop Processors (formerly codenamed "Renoir")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 5000 Series Desktop Processors (formerly codenamed "Vermeer")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics (formerly codenamed "Cezanne")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 3000 Series Desktop Processors (formerly codenamed "Matisse")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 5000 Series Desktop Processors (formerly codenamed "Vermeer"/"Vermeer-X3D")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Pollock")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso")	Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Catalyst™ WHQL certified driver (71251)
AMD	AMD Ryzen™ Embedded R1000 Series Processors	Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Catalyst™ WHQL certified driver (71251)
AMD	AMD Ryzen™ Embedded R2000 Series Processors	Unaffected: Q2- 2025 AMD Embedded R2000, V2000 Windows® Catalyst™ WHQL certified driver (68914)
AMD	AMD Ryzen™ Embedded V2000 Series Processors	Unaffected: Q2- 2025 AMD Embedded R2000, V2000 Windows® Catalyst™ WHQL certified driver (68914)
AMD	AMD EPYC™ Embedded 4004 Series Processors	Unaffected: AM5 Windows Chipset Drivers with Digital Signature Fix (64284)
AMD	AMD EPYC™ Embedded 8004 Series Processors	Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
AMD	AMD EPYC™ Embedded 4005 Series Processors	Unaffected: AM5 Windows Chipset Drivers with Digital Signature Fix (64284)
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD Ryzen™ Embedded 7000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD EPYC™ Embedded 9000 Series Processors	Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
AMD	AMD Ryzen™ Embedded 9000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD EPYC™ 4004 Series Processors	Unaffected: AMD Chipset Driver 7.02.13.148
AMD	AMD EPYC™ 4005 Series Processors	Unaffected: AMD Chipset Driver 7.02.13.148

Date Public ?

2026-05-15 01:44

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48521",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T13:32:12.971646Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T13:32:19.594Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Renoir\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Mendocino\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dragon Range\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael X3D\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Processors (formerly codenamed \"Castle Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Processors (formerly codenamed \"Castle Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors (formerly codenamed \"Castle Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors (formerly codenamed \"Strix Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors (formerly codenamed \"Chagall\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors (formerly codenamed \"Storm Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors (formerly codenamed \"Storm Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael-X3D\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000 Series Desktop Processors (formerly codenamed \"Granite Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Lucienne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors (formerly codenamed \"Renoir\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\"/\"Vermeer-X3D\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Pollock\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 4004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 4005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 4004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 4005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Chipset Driver 7.02.13.148"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:44:26.968Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation in the AMD Secure Processor (ASP) PCI driver could allow a local attacker to trigger a Use-After-Free (UAF) condition, potentially resulting in a loss of platform integrity or crash.\r\n \u003cbr\u003e"
            }
          ],
          "value": "Improper input validation in the AMD Secure Processor (ASP) PCI driver could allow a local attacker to trigger a Use-After-Free (UAF) condition, potentially resulting in a loss of platform integrity or crash."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416  Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:45:34.221Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-48521",
    "datePublished": "2026-05-15T01:45:34.221Z",
    "dateReserved": "2025-05-22T16:34:07.748Z",
    "dateUpdated": "2026-05-15T13:32:19.594Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-48520 (GCVE-0-2025-48520)

Vulnerability from nvd – Published: 2026-05-15 01:51 – Updated: 2026-05-15 13:31

Summary

An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read Out-of-Bounds potentially resulting in information disclosure or a crash

Severity ?

6.9 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

CWE

CWE-125 - Out-of-bounds Read

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

5 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: amd_chipset_software_7.06.02.123.exe

Date Public ?

2026-05-15 01:49

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48520",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T13:30:59.858945Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T13:31:06.962Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd_chipset_software_7.06.02.123.exe"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:49:40.917Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read Out-of-Bounds potentially resulting in information disclosure or a crash\u003cbr\u003e"
            }
          ],
          "value": "An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read Out-of-Bounds potentially resulting in information disclosure or a crash"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125  Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:51:03.047Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-48520",
    "datePublished": "2026-05-15T01:51:03.047Z",
    "dateReserved": "2025-05-22T16:34:07.748Z",
    "dateUpdated": "2026-05-15T13:31:06.962Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-48519 (GCVE-0-2025-48519)

Vulnerability from nvd – Published: 2026-05-15 01:50 – Updated: 2026-05-16 03:56

Summary

An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read or write Out-of-Bounds, potentially resulting in privilege escalation

Severity ?

8.5 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-787 - Out-of-bounds Write

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

5 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: amd_chipset_software_7.06.02.123.exe

Date Public ?

2026-05-15 01:49

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48519",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-16T03:56:08.501Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd_chipset_software_7.06.02.123.exe"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:49:29.796Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read or write Out-of-Bounds, potentially resulting in privilege escalation \u003cbr\u003e"
            }
          ],
          "value": "An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read or write Out-of-Bounds, potentially resulting in privilege escalation"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787  Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:50:34.374Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-48519",
    "datePublished": "2026-05-15T01:50:34.374Z",
    "dateReserved": "2025-05-22T16:34:07.748Z",
    "dateUpdated": "2026-05-16T03:56:08.501Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-48512 (GCVE-0-2025-48512)

Vulnerability from nvd – Published: 2026-05-15 01:45 – Updated: 2026-05-16 03:56

Summary

Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.

Severity ?

7 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-276 - Incorrect Default Permissions

Assigner

AMD

References

2 references

URL	Tags
https://www.amd.com/en/resources/product-security…
https://www.amd.com/en/resources/product-security…

Impacted products

55 products

Vendor	Product	Version
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Renoir")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.04.09.545
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Picasso")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics (formerly codenamed "Mendocino")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dragon Range")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael"/"Raphael X3D")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 3000 Series Desktop Processors (formerly codenamed "Matisse")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors (formerly codenamed "Castle Peak")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo R")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors (formerly codenamed "Castle Peak")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Threadripper™ 3000 Processors (formerly codenamed "Castle Peak")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 9000HX Series Processors	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ AI 300 Series Processors (formerly codenamed "Strix Point")	Unaffected: 7.04.09.545
AMD	AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics (formerly codenamed "Picasso")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors (formerly codenamed "Chagall")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Threadripper™ 7000 Processors (formerly codenamed "Storm Peak")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors (formerly codenamed "Storm Peak")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael"/"Raphael-X3D")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 9000 Series Desktop Processors (formerly codenamed "Granite Ridge")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Cezanne")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Lucienne")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 4000 Series Desktop Processors (formerly codenamed "Renoir")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Desktop Processors (formerly codenamed "Vermeer")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics (formerly codenamed "Cezanne")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 3000 Series Desktop Processors (formerly codenamed "Matisse")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Desktop Processors (formerly codenamed "Vermeer"/"Vermeer-X3D")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali")	Unaffected: 7.04.09.545
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ AI Max 300 Series Processors	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Z1 Series Processors	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Embedded R1000 Series Processors	Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Chipset WHQL certified driver - (71252)
AMD	AMD Ryzen™ Embedded R2000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded R2000, V2000 Windows® Chipset drivers (68915)
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge")	Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Chipset WHQL certified driver - (71252)
AMD	AMD Ryzen™ Embedded V2000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded R2000, V2000 Windows® Chipset drivers (68915)
AMD	AMD EPYC™ Embedded 8004 Series Processors	Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Chipset drivers [7.06.02.123] (68927)
AMD	AMD Ryzen™ Embedded 7000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Chipset drivers [7.06.02.123] (68927)
AMD	AMD EPYC™ Embedded 9005 Series Processors	Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
AMD	AMD Ryzen™ Embedded 9000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Chipset drivers [7.06.02.123] (68927)
AMD	AMD EPYC™ 9004 Series Processors	Unaffected: AMD Server Software 8.03.16.641
AMD	AMD EPYC™ 7003 Series Processors	Unaffected: AMD Server Software 8.03.14.329
AMD	AMD EPYC™ 7002 Series Processors	Unaffected: AMD Server Software 8.03.14.329
AMD	AMD EPYC™ 7001 Series Processors	Unaffected: AMD Server Software 8.03.14.329
AMD	AMD EPYC™ 4004 Series Processors	Unaffected: AMD Chipset Driver 7.04.09.545
AMD	AMD EPYC™ 9005 Series Processors	Unaffected: AMD Server Software 8.03.16.641
AMD	AMD Instinct™ MI300A Series Processors	Unaffected: AMD Server Software 8.03.16.641
AMD	AMD EPYC™ 9V64H Processor	Unaffected: AMD Server Software 8.03.16.641
AMD	AMD EPYC™ 8004 Series Processors	Unaffected: AMD Server Software 8.03.16.641
AMD	AMD EPYC™ 4005 Series Processors	Unaffected: AMD Chipset Driver 7.04.09.545

Date Public ?

2026-05-15 01:49

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48512",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-16T03:56:09.610Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Renoir\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Mendocino\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dragon Range\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael X3D\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors (formerly codenamed \"Castle Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors (formerly codenamed \"Castle Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors (formerly codenamed \"Castle Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000HX Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors (formerly codenamed \"Strix Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors (formerly codenamed \"Chagall\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors (formerly codenamed \"Storm Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors (formerly codenamed \"Storm Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael-X3D\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000 Series Desktop Processors (formerly codenamed \"Granite Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Lucienne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors (formerly codenamed \"Renoir\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\"/\"Vermeer-X3D\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Z1 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Chipset WHQL certified driver - (71252)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded R2000, V2000 Windows\u00ae Chipset drivers (68915)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Chipset WHQL certified driver - (71252)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded R2000, V2000 Windows\u00ae Chipset drivers (68915)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Chipset drivers [7.06.02.123] (68927)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Chipset drivers [7.06.02.123] (68927)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Chipset drivers [7.06.02.123] (68927)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server  Software 8.03.16.641"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7003 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server Software 8.03.14.329"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7002 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server Software 8.03.14.329"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7001 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server Software 8.03.14.329"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 4004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server  Software 8.03.16.641"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300A Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server  Software 8.03.16.641"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9V64H Processor",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server  Software 8.03.16.641"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 8004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server  Software 8.03.16.641"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 4005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Chipset Driver 7.04.09.545"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:49:24.634Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.\u003cbr\u003e"
            }
          ],
          "value": "Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-276",
              "description": "CWE-276  Incorrect Default Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:50:06.870Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-48512",
    "datePublished": "2026-05-15T01:45:05.943Z",
    "dateReserved": "2025-05-22T16:34:07.747Z",
    "dateUpdated": "2026-05-16T03:56:09.610Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-29935 (GCVE-0-2025-29935)

Vulnerability from cvelistv5 – Published: 2026-05-15 01:53 – Updated: 2026-05-16 03:56

Summary

An out of bounds write within the AMD Platform Management Framework (PMF) could allow an attacker to execute arbitrary code at an elevated privilege level potentially leading to loss of confidentiality integrity, or availability.

Severity ?

8.4 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H

CWE

CWE-787 - Out-of-bounds Write

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

5 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded R8000 Series Processors	Unaffected: AMD Ryzen™ Chipset Driver 7.06.02.123

Date Public ?

2026-05-15 01:50

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-29935",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-16T03:56:06.233Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.06.02.123"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:50:33.156Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An out of bounds write within the AMD Platform Management Framework (PMF) could allow an attacker to execute arbitrary code at an elevated privilege level potentially leading to loss of confidentiality integrity, or availability.\u003cbr\u003e"
            }
          ],
          "value": "An out of bounds write within the AMD Platform Management Framework (PMF) could allow an attacker to execute arbitrary code at an elevated privilege level potentially leading to loss of confidentiality integrity, or availability."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787  Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:53:42.356Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-29935",
    "datePublished": "2026-05-15T01:53:42.356Z",
    "dateReserved": "2025-03-12T15:14:59.391Z",
    "dateUpdated": "2026-05-16T03:56:06.233Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-29944 (GCVE-0-2025-29944)

Vulnerability from cvelistv5 – Published: 2026-05-15 01:53 – Updated: 2026-05-15 13:28

Summary

A buffer overflow vulnerability within AMD Sensor Fusion Hub Driver can allow a local attacker to write out of bounds, potentially resulting in denial of service or crash

Severity ?

6.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CWE

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

16 products

Vendor	Product	Version
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Renoir")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Picasso")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics (formerly codenamed "Mendocino")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo R")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ AI 300 Series Processors (formerly codenamed "Strix Point")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Cezanne")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Lucienne")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ AI Max 300 Series Processors	Unaffected: AMD Ryzen™ Chipset Driver 7.04.09.545
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: amd_chipset_software_7.06.02.123.exe
AMD	AMD RYZEN™ Embedded 7000 Series Processors	Unaffected: amd_chipset_software_7.06.02.123.exe

Date Public ?

2026-05-15 01:50

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-29944",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T13:20:41.916908Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T13:28:56.693Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Renoir\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Mendocino\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors (formerly codenamed \"Strix Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Lucienne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd_chipset_software_7.06.02.123.exe"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD RYZEN\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd_chipset_software_7.06.02.123.exe"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:50:27.651Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A buffer overflow vulnerability within AMD Sensor Fusion Hub Driver can allow a local attacker to write out of bounds, potentially resulting in denial of service or crash\u003cbr\u003e"
            }
          ],
          "value": "A buffer overflow vulnerability within AMD Sensor Fusion Hub Driver can allow a local attacker to write out of bounds, potentially resulting in denial of service or crash"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120  Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:53:28.219Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-29944",
    "datePublished": "2026-05-15T01:53:28.219Z",
    "dateReserved": "2025-03-12T15:15:04.910Z",
    "dateUpdated": "2026-05-15T13:28:56.693Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-29937 (GCVE-0-2025-29937)

Vulnerability from cvelistv5 – Published: 2026-05-15 01:52 – Updated: 2026-05-15 13:29

Summary

An out of bounds read within the AMD Platform Management Framework (PMF) could allow an attacker to trigger a read of an arbitrary memory location potentially resulting in loss of availability or confidentiality.

Severity ?

5.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

CWE

CWE-125 - Out-of-bounds Read

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

5 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: amd_chipset_software_7.06.02.123.exe

Date Public ?

2026-05-15 01:50

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-29937",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T13:18:04.257721Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T13:29:23.526Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd_chipset_software_7.06.02.123.exe"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:50:15.647Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An out of bounds read within the AMD Platform Management Framework (PMF) could allow an attacker to trigger a read of an arbitrary memory location potentially resulting in loss of availability or confidentiality.\u003cbr\u003e"
            }
          ],
          "value": "An out of bounds read within the AMD Platform Management Framework (PMF) could allow an attacker to trigger a read of an arbitrary memory location potentially resulting in loss of availability or confidentiality."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125  Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:52:48.560Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-29937",
    "datePublished": "2026-05-15T01:52:48.560Z",
    "dateReserved": "2025-03-12T15:14:59.391Z",
    "dateUpdated": "2026-05-15T13:29:23.526Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-0028 (GCVE-0-2025-0028)

Vulnerability from cvelistv5 – Published: 2026-05-15 01:52 – Updated: 2026-05-15 13:27

Summary

An unchecked return value within the AMD Platform Management Framework (PMF) could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability.

Severity ?

8.3 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:H/SI:N/SA:H

CWE

CWE-252 - Unchecked Return Value

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

5 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: AMD Ryzen™ Chipset Driver 7.06.02.123

Date Public ?

2026-05-15 01:50

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0028",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T13:25:09.199353Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T13:27:14.509Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.06.02.123"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:50:10.383Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An unchecked return value within the AMD Platform Management Framework (PMF)  could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability.\u003cbr\u003e"
            }
          ],
          "value": "An unchecked return value within the AMD Platform Management Framework (PMF)  could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:H/SI:N/SA:H",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-252",
              "description": "CWE-252  Unchecked Return Value",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:52:29.933Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-0028",
    "datePublished": "2026-05-15T01:52:29.933Z",
    "dateReserved": "2024-11-21T16:17:40.854Z",
    "dateUpdated": "2026-05-15T13:27:14.509Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-29936 (GCVE-0-2025-29936)

Vulnerability from cvelistv5 – Published: 2026-05-15 01:52 – Updated: 2026-05-15 13:28

Summary

Improper input validation within the AMD Platform Management Framework (PMF) could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality.

Severity ?

8.4 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H

CWE

CWE-20 - Improper Input Validation

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

7 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ AI 300 Series Processors (formerly codenamed "Strix Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Al Max+	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: amd_chipset_software_7.06.02.123.exe

Date Public ?

2026-05-15 01:50

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-29936",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T13:28:41.081503Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T13:28:48.055Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors (formerly codenamed \"Strix Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Al Max+",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd_chipset_software_7.06.02.123.exe"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:50:04.190Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation within the AMD Platform Management Framework (PMF) could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality.\u003cbr\u003e"
            }
          ],
          "value": "Improper input validation within the AMD Platform Management Framework (PMF) could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20  Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:52:13.641Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-29936",
    "datePublished": "2026-05-15T01:52:13.641Z",
    "dateReserved": "2025-03-12T15:14:59.391Z",
    "dateUpdated": "2026-05-15T13:28:48.055Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-48513 (GCVE-0-2025-48513)

Vulnerability from cvelistv5 – Published: 2026-05-15 01:51 – Updated: 2026-05-15 13:29

Summary

Use of uninitialized resource within the AMD Platform Management Framework (PMF) could allow an attacker to read a uninitialized kernel memory resulting in loss of confidentiality or availability.

Severity ?

6.9 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

CWE

CWE-908 - Use of Uninitialized Resource

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

6 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Z1 Series Processors	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: AMD Ryzen™ Chipset Driver 7.06.02.123

Date Public ?

2026-05-15 01:49

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48513",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T13:29:11.062835Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T13:29:54.874Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Z1 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.06.02.123"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:49:57.796Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Use of uninitialized resource within the AMD Platform Management Framework (PMF) could allow an attacker to read a uninitialized kernel memory resulting in loss of confidentiality or availability.\u003cbr\u003e"
            }
          ],
          "value": "Use of uninitialized resource within the AMD Platform Management Framework (PMF) could allow an attacker to read a uninitialized kernel memory resulting in loss of confidentiality or availability."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-908",
              "description": "CWE-908  Use of Uninitialized Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:51:56.314Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-48513",
    "datePublished": "2026-05-15T01:51:56.314Z",
    "dateReserved": "2025-05-22T16:34:07.747Z",
    "dateUpdated": "2026-05-15T13:29:54.874Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-52540 (GCVE-0-2025-52540)

Vulnerability from cvelistv5 – Published: 2026-05-15 01:51 – Updated: 2026-05-16 03:56

Summary

An improper input validation vulnerability within the AMD Platform Management Framework (PMF) Driver can allow a local attacker to write Out-of-Bounds, potentially resulting in privilege escalation.

Severity ?

8.5 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-787 - Out-of-bounds Write

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

5 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: Graphics driver: version 25.6.1, branch: 25.10.13.01. - Chipset version: 7.06.02.123

Date Public ?

2026-05-15 01:49

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-52540",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-16T03:56:07.368Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Graphics driver: version 25.6.1, branch: 25.10.13.01. - Chipset version: 7.06.02.123"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:49:45.611Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper input validation vulnerability within the AMD Platform Management Framework (PMF) Driver can allow a local attacker to write Out-of-Bounds, potentially resulting in privilege escalation.\u003cbr\u003e"
            }
          ],
          "value": "An improper input validation vulnerability within the AMD Platform Management Framework (PMF) Driver can allow a local attacker to write Out-of-Bounds, potentially resulting in privilege escalation."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787  Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:51:25.234Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-52540",
    "datePublished": "2026-05-15T01:51:25.234Z",
    "dateReserved": "2025-06-17T16:53:10.413Z",
    "dateUpdated": "2026-05-16T03:56:07.368Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-48520 (GCVE-0-2025-48520)

Vulnerability from cvelistv5 – Published: 2026-05-15 01:51 – Updated: 2026-05-15 13:31

Summary

An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read Out-of-Bounds potentially resulting in information disclosure or a crash

Severity ?

6.9 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

CWE

CWE-125 - Out-of-bounds Read

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

5 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: amd_chipset_software_7.06.02.123.exe

Date Public ?

2026-05-15 01:49

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48520",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T13:30:59.858945Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T13:31:06.962Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd_chipset_software_7.06.02.123.exe"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:49:40.917Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read Out-of-Bounds potentially resulting in information disclosure or a crash\u003cbr\u003e"
            }
          ],
          "value": "An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read Out-of-Bounds potentially resulting in information disclosure or a crash"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125  Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:51:03.047Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-48520",
    "datePublished": "2026-05-15T01:51:03.047Z",
    "dateReserved": "2025-05-22T16:34:07.748Z",
    "dateUpdated": "2026-05-15T13:31:06.962Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-48519 (GCVE-0-2025-48519)

Vulnerability from cvelistv5 – Published: 2026-05-15 01:50 – Updated: 2026-05-16 03:56

Summary

An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read or write Out-of-Bounds, potentially resulting in privilege escalation

Severity ?

8.5 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-787 - Out-of-bounds Write

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

5 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.06.02.123
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: amd_chipset_software_7.06.02.123.exe

Date Public ?

2026-05-15 01:49

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48519",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-16T03:56:08.501Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.06.02.123"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "amd_chipset_software_7.06.02.123.exe"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:49:29.796Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read or write Out-of-Bounds, potentially resulting in privilege escalation \u003cbr\u003e"
            }
          ],
          "value": "An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read or write Out-of-Bounds, potentially resulting in privilege escalation"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787  Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:50:34.374Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-48519",
    "datePublished": "2026-05-15T01:50:34.374Z",
    "dateReserved": "2025-05-22T16:34:07.748Z",
    "dateUpdated": "2026-05-16T03:56:08.501Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-48521 (GCVE-0-2025-48521)

Vulnerability from cvelistv5 – Published: 2026-05-15 01:45 – Updated: 2026-05-15 13:32

Summary

Improper input validation in the AMD Secure Processor (ASP) PCI driver could allow a local attacker to trigger a Use-After-Free (UAF) condition, potentially resulting in a loss of platform integrity or crash.

Severity ?

6.9 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-416 - Use After Free

Assigner

AMD

References

2 references

URL	Tags
https://www.amd.com/en/resources/product-security…
https://www.amd.com/en/resources/product-security…

Impacted products

47 products

Vendor	Product	Version
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Renoir")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Picasso")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics (formerly codenamed "Mendocino")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dragon Range")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael"/"Raphael X3D")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 3000 Series Desktop Processors (formerly codenamed "Matisse")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ Threadripper™ PRO 3000WX Processors (formerly codenamed "Castle Peak")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo R")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ Threadripper™ PRO 3000WX Processors (formerly codenamed "Castle Peak")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ Threadripper™ 3000 Processors (formerly codenamed "Castle Peak")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ AI 300 Series Processors (formerly codenamed "Strix Point")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics (formerly codenamed "Picasso")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors (formerly codenamed "Chagall")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ Threadripper™ 7000 Processors (formerly codenamed "Storm Peak")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors (formerly codenamed "Storm Peak")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael"/"Raphael-X3D")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 9000 Series Desktop Processors (formerly codenamed "Granite Ridge")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Cezanne")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Lucienne")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 4000 Series Desktop Processors (formerly codenamed "Renoir")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 5000 Series Desktop Processors (formerly codenamed "Vermeer")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics (formerly codenamed "Cezanne")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 3000 Series Desktop Processors (formerly codenamed "Matisse")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 5000 Series Desktop Processors (formerly codenamed "Vermeer"/"Vermeer-X3D")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Pollock")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso")	Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Catalyst™ WHQL certified driver (71251)
AMD	AMD Ryzen™ Embedded R1000 Series Processors	Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Catalyst™ WHQL certified driver (71251)
AMD	AMD Ryzen™ Embedded R2000 Series Processors	Unaffected: Q2- 2025 AMD Embedded R2000, V2000 Windows® Catalyst™ WHQL certified driver (68914)
AMD	AMD Ryzen™ Embedded V2000 Series Processors	Unaffected: Q2- 2025 AMD Embedded R2000, V2000 Windows® Catalyst™ WHQL certified driver (68914)
AMD	AMD EPYC™ Embedded 4004 Series Processors	Unaffected: AM5 Windows Chipset Drivers with Digital Signature Fix (64284)
AMD	AMD EPYC™ Embedded 8004 Series Processors	Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
AMD	AMD EPYC™ Embedded 4005 Series Processors	Unaffected: AM5 Windows Chipset Drivers with Digital Signature Fix (64284)
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD Ryzen™ Embedded 7000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD EPYC™ Embedded 9000 Series Processors	Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
AMD	AMD Ryzen™ Embedded 9000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
AMD	AMD EPYC™ 4004 Series Processors	Unaffected: AMD Chipset Driver 7.02.13.148
AMD	AMD EPYC™ 4005 Series Processors	Unaffected: AMD Chipset Driver 7.02.13.148

Date Public ?

2026-05-15 01:44

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48521",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T13:32:12.971646Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T13:32:19.594Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Renoir\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Mendocino\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dragon Range\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael X3D\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Processors (formerly codenamed \"Castle Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Processors (formerly codenamed \"Castle Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors (formerly codenamed \"Castle Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors (formerly codenamed \"Strix Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors (formerly codenamed \"Chagall\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors (formerly codenamed \"Storm Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors (formerly codenamed \"Storm Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael-X3D\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000 Series Desktop Processors (formerly codenamed \"Granite Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Lucienne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors (formerly codenamed \"Renoir\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\"/\"Vermeer-X3D\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Pollock\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 4004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 4005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 4004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Chipset Driver 7.02.13.148"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 4005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Chipset Driver 7.02.13.148"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:44:26.968Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation in the AMD Secure Processor (ASP) PCI driver could allow a local attacker to trigger a Use-After-Free (UAF) condition, potentially resulting in a loss of platform integrity or crash.\r\n \u003cbr\u003e"
            }
          ],
          "value": "Improper input validation in the AMD Secure Processor (ASP) PCI driver could allow a local attacker to trigger a Use-After-Free (UAF) condition, potentially resulting in a loss of platform integrity or crash."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416  Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:45:34.221Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-48521",
    "datePublished": "2026-05-15T01:45:34.221Z",
    "dateReserved": "2025-05-22T16:34:07.748Z",
    "dateUpdated": "2026-05-15T13:32:19.594Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-48512 (GCVE-0-2025-48512)

Vulnerability from cvelistv5 – Published: 2026-05-15 01:45 – Updated: 2026-05-16 03:56

Summary

Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.

Severity ?

7 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-276 - Incorrect Default Permissions

Assigner

AMD

References

2 references

URL	Tags
https://www.amd.com/en/resources/product-security…
https://www.amd.com/en/resources/product-security…

Impacted products

55 products

Vendor	Product	Version
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Renoir")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")	Unaffected: 7.04.09.545
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Picasso")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics (formerly codenamed "Mendocino")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dragon Range")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael"/"Raphael X3D")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 3000 Series Desktop Processors (formerly codenamed "Matisse")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors (formerly codenamed "Castle Peak")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo R")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors (formerly codenamed "Castle Peak")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Threadripper™ 3000 Processors (formerly codenamed "Castle Peak")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 9000HX Series Processors	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ AI 300 Series Processors (formerly codenamed "Strix Point")	Unaffected: 7.04.09.545
AMD	AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics (formerly codenamed "Picasso")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors (formerly codenamed "Chagall")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Threadripper™ 7000 Processors (formerly codenamed "Storm Peak")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors (formerly codenamed "Storm Peak")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael"/"Raphael-X3D")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 9000 Series Desktop Processors (formerly codenamed "Granite Ridge")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Cezanne")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Lucienne")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Barcelo")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 4000 Series Desktop Processors (formerly codenamed "Renoir")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Desktop Processors (formerly codenamed "Vermeer")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics (formerly codenamed "Cezanne")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 3000 Series Desktop Processors (formerly codenamed "Matisse")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 5000 Series Desktop Processors (formerly codenamed "Vermeer"/"Vermeer-X3D")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali")	Unaffected: 7.04.09.545
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Dali")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ AI Max 300 Series Processors	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Z1 Series Processors	Unaffected: 7.04.09.545
AMD	AMD Ryzen™ Embedded R1000 Series Processors	Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Chipset WHQL certified driver - (71252)
AMD	AMD Ryzen™ Embedded R2000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded R2000, V2000 Windows® Chipset drivers (68915)
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge")	Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Chipset WHQL certified driver - (71252)
AMD	AMD Ryzen™ Embedded V2000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded R2000, V2000 Windows® Chipset drivers (68915)
AMD	AMD EPYC™ Embedded 8004 Series Processors	Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Chipset drivers [7.06.02.123] (68927)
AMD	AMD Ryzen™ Embedded 7000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Chipset drivers [7.06.02.123] (68927)
AMD	AMD EPYC™ Embedded 9005 Series Processors	Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
AMD	AMD Ryzen™ Embedded 9000 Series Processors	Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Chipset drivers [7.06.02.123] (68927)
AMD	AMD EPYC™ 9004 Series Processors	Unaffected: AMD Server Software 8.03.16.641
AMD	AMD EPYC™ 7003 Series Processors	Unaffected: AMD Server Software 8.03.14.329
AMD	AMD EPYC™ 7002 Series Processors	Unaffected: AMD Server Software 8.03.14.329
AMD	AMD EPYC™ 7001 Series Processors	Unaffected: AMD Server Software 8.03.14.329
AMD	AMD EPYC™ 4004 Series Processors	Unaffected: AMD Chipset Driver 7.04.09.545
AMD	AMD EPYC™ 9005 Series Processors	Unaffected: AMD Server Software 8.03.16.641
AMD	AMD Instinct™ MI300A Series Processors	Unaffected: AMD Server Software 8.03.16.641
AMD	AMD EPYC™ 9V64H Processor	Unaffected: AMD Server Software 8.03.16.641
AMD	AMD EPYC™ 8004 Series Processors	Unaffected: AMD Server Software 8.03.16.641
AMD	AMD EPYC™ 4005 Series Processors	Unaffected: AMD Chipset Driver 7.04.09.545

Date Public ?

2026-05-15 01:49

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48512",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-16T03:56:09.610Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Renoir\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Mendocino\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dragon Range\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael X3D\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors (formerly codenamed \"Castle Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo R\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors (formerly codenamed \"Castle Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors (formerly codenamed \"Castle Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000HX Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors (formerly codenamed \"Strix Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors (formerly codenamed \"Chagall\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors (formerly codenamed \"Storm Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors (formerly codenamed \"Storm Peak\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors (formerly codenamed \"Raphael\"/\"Raphael-X3D\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors (formerly codenamed \"Phoenix\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000 Series Desktop Processors (formerly codenamed \"Granite Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Lucienne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Barcelo\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors (formerly codenamed \"Renoir\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics (formerly codenamed \"Cezanne\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors (formerly codenamed \"Matisse\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors (formerly codenamed \"Vermeer\"/\"Vermeer-X3D\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Hawk Point\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics (formerly codenamed \"Dali\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics (formerly codenamed \"Rembrandt\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Z1 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Chipset WHQL certified driver - (71252)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded R2000, V2000 Windows\u00ae Chipset drivers (68915)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Chipset WHQL certified driver - (71252)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded R2000, V2000 Windows\u00ae Chipset drivers (68915)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Chipset drivers [7.06.02.123] (68927)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Chipset drivers [7.06.02.123] (68927)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Chipset drivers [7.06.02.123] (68927)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server  Software 8.03.16.641"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7003 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server Software 8.03.14.329"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7002 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server Software 8.03.14.329"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7001 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server Software 8.03.14.329"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 4004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Chipset Driver 7.04.09.545"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server  Software 8.03.16.641"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300A Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server  Software 8.03.16.641"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9V64H Processor",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server  Software 8.03.16.641"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 8004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Server  Software 8.03.16.641"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 4005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Chipset Driver 7.04.09.545"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-05-15T01:49:24.634Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.\u003cbr\u003e"
            }
          ],
          "value": "Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-276",
              "description": "CWE-276  Incorrect Default Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T01:50:06.870Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-48512",
    "datePublished": "2026-05-15T01:45:05.943Z",
    "dateReserved": "2025-05-22T16:34:07.747Z",
    "dateUpdated": "2026-05-16T03:56:09.610Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Search criteria

22 vulnerabilities found for AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt") by AMD

CVE-2025-48513 (GCVE-0-2025-48513)

CVE-2025-29944 (GCVE-0-2025-29944)

CVE-2025-29937 (GCVE-0-2025-29937)

CVE-2025-29936 (GCVE-0-2025-29936)

CVE-2025-29935 (GCVE-0-2025-29935)

CVE-2025-0028 (GCVE-0-2025-0028)

CVE-2025-52540 (GCVE-0-2025-52540)

CVE-2025-48521 (GCVE-0-2025-48521)

CVE-2025-48520 (GCVE-0-2025-48520)

CVE-2025-48519 (GCVE-0-2025-48519)

CVE-2025-48512 (GCVE-0-2025-48512)

CVE-2025-29935 (GCVE-0-2025-29935)

CVE-2025-29944 (GCVE-0-2025-29944)

CVE-2025-29937 (GCVE-0-2025-29937)

CVE-2025-0028 (GCVE-0-2025-0028)

CVE-2025-29936 (GCVE-0-2025-29936)

CVE-2025-48513 (GCVE-0-2025-48513)

CVE-2025-52540 (GCVE-0-2025-52540)

CVE-2025-48520 (GCVE-0-2025-48520)

CVE-2025-48519 (GCVE-0-2025-48519)

CVE-2025-48521 (GCVE-0-2025-48521)

CVE-2025-48512 (GCVE-0-2025-48512)