CVE-2025-48515

CVSS 5.4 MEDIUMEPSS 0.1%CWE-190

Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution.

CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Produtos afetados

AMD · AMD Ryzen™ 4000 Series Desktop Processors AMD · AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics AMD · AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics AMD · AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics AMD · AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics AMD · AMD Ryzen™ Embedded V2000 Series Processors

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html