Skip to main content
Regulatory Triage ICT Providers

AMD

Hardware & Firmware

Period: 7d 14d 30d 90d
22
Open CVEs
0
Exploited
0
KEV
18
Unpatched
9
No Workaround
8
Internet-facing

Why this provider is risky now

This provider has 22 open CVE(s) in the last 14 days. 18 have no vendor patch. 8 affect internet-facing services.

18 Unpatched 9 No Workaround 8 Internet-facing

Top Risky CVEs

CVE-2026-0481
Act Now
Unpatched
Unrestricted IP address binding in the AMD Device Metrics Exporter (ROCm ecosystem) could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in los
Edge exposure ICT dependency No patch available
Why flagged?
NIS2 Relevant
  • CRITICAL severity
  • Internet-facing technique: authentication-bypass
  • Third-party ICT: AMD
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
  • CRITICAL severity
  • ICT provider: AMD (Hardware & Firmware)
  • No remediation available
9.2
CVSS
0.2%
EPSS
46
Priority
CVE-2025-54517
This Week
Unpatched
Buffer overflow in AMD GPU driver IOCTL handler enables local privilege escalation to root on Linux systems running AMD Instinct or Radeon Pro GPUs. Authenticated local users with low privileges can exploit an out-of-bounds write vulnerability in the AMDGV_CMD_GET_DIAG_DATA IOCTL to achieve arbitrary kernel code execution. EPSS data not available; no public exploit or CISA KEV listing identified at time of analysis, suggesting limited active exploitation despite high CVSS 8.5 severity.
Within 24 hours: Identify all Linux systems running AMD Instinct or Radeon Pro GPUs and document current driver versions. Within 7 days: Restrict GPU access via group membership and IOMMU/VT-d isolation to trusted users only; disable GPU access for non-essential users pending patch availability. Within 30 days: Monitor AMD security advisories for patch release and conduct driver update testing in non-production GPU environments; prioritize patching high-value compute clusters and ML platforms.
Edge exposure ICT dependency No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing technique: rce
  • Third-party ICT: AMD
  • No patch available
  • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
  • HIGH severity
  • ICT provider: AMD (Hardware & Firmware)
  • No remediation available
8.5
CVSS
0.0%
EPSS
43
Priority
CVE-2025-48519
This Week
Unpatched
Out-of-bounds read/write in AMD Platform Management Framework (PMF) driver allows local authenticated users to escalate privileges on Ryzen 6000/7000/8000 series processors. AMD has released patched chipset software version 7.06.02.123 addressing the improper input validation vulnerability. No public exploit code identified and CISA has not added this to KEV, indicating exploitation is not yet confirmed in real-world attacks despite the high CVSS score. Attackers must already have local system access with standard user privileges to exploit this vulnerability.
Within 24 hours: Inventory all systems with Ryzen 6000/7000/8000 series processors and current AMD chipset driver versions. Within 7 days: Deploy AMD chipset software version 7.06.02.123 or later to all affected systems via vendor-provided driver update mechanisms or OEM channels; prioritize systems with high-privilege users or sensitive data access. Within 30 days: Verify patch deployment across 100% of affected inventory and validate through driver version reporting tools.
ICT dependency No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Third-party ICT: AMD
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
  • HIGH severity
  • ICT provider: AMD (Hardware & Firmware)
  • No remediation available
8.5
CVSS
0.0%
EPSS
43
Priority
CVE-2025-52540
This Week
Unpatched
Out-of-bounds write in the AMD Platform Management Framework (PMF) Driver enables local authenticated users to escalate privileges on AMD Ryzen 6000/7000/8000 series processors. The vulnerability stems from improper input validation (CWE-787) allowing memory corruption beyond allocated buffer boundaries. Exploitation requires low-privilege local access with low attack complexity (CVSS 4.0: AV:L/AC:L/PR:L), making this a realistic post-compromise escalation vector. AMD released chipset driver version 7.06.02.123 addressing all affected Ryzen series. No public exploit or active exploitation confirmed at time of analysis.
Within 24 hours: Inventory all systems with AMD Ryzen 6000/7000/8000 series processors and current PMF driver versions via hardware asset management and driver querying tools. Within 7 days: Deploy AMD Platform Management Framework driver version 7.06.02.123 or later to all affected systems via patch management systems, prioritizing systems with high-privilege user accounts or sensitive data access. Within 30 days: Validate successful deployment across 100% of affected inventory and monitor endpoint detection and response (EDR) logs for exploitation attempts using process privilege escalation behavioral signatures.
ICT dependency No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Third-party ICT: AMD
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
  • HIGH severity
  • ICT provider: AMD (Hardware & Firmware)
  • No remediation available
8.5
CVSS
0.0%
EPSS
43
Priority
CVE-2026-0432
This Week
Unpatched
Insecure installation directory permissions in AMD chipset driver allow local authenticated attackers to achieve SYSTEM-level privilege escalation and execute arbitrary code. The vulnerability affects nearly all AMD Ryzen, Threadripper, EPYC, and Athlon processors across desktop, mobile, embedded, and server product lines. AMD has released patched chipset driver versions 8.01.20.513 (consumer/workstation) and 8.03.14.329/8.03.16.641 (server). No active exploitation confirmed at time of analysis, but the local vector and low attack complexity make this exploitable by any authenticated Windows user, including standard users without admin rights.
Within 24 hours: Inventory all systems running AMD processors and identify current chipset driver versions via Device Manager or AMD chipset driver utility. Within 7 days: Deploy chipset driver version 8.01.20.513 (consumer/workstation) or 8.03.14.329/8.03.16.641 (server EPYC/Threadripper) via WSUS, endpoint management tools, or manual installation with mandatory restart; prioritize servers and high-value workstations first. Within 30 days: Verify 100% deployment completion via hardware inventory tools; document baseline driver versions for future audits.
Edge exposure ICT dependency No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing technique: rce
  • Third-party ICT: AMD
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
  • HIGH severity
  • ICT provider: AMD (Hardware & Firmware)
  • No remediation available
8.5
CVSS
0.0%
EPSS
43
Priority
CVE-2025-29936
This Week
Unpatched
Local privilege escalation in AMD Platform Management Framework (PMF) allows authenticated attackers with low privileges to unmap arbitrary memory pages, potentially executing code with elevated privileges or triggering system crashes. Affects modern AMD Ryzen mobile processors across multiple generations (6000/7000/8000/AI 300 series, embedded variants). The vulnerability enables both horizontal escalation (confidentiality compromise via changed scope in CVSS 4.0) and vertical impact (integrity/availability degradation). No evidence of active exploitation (not in CISA KEV), but the local attack vector with low complexity makes this exploitable by malware or malicious insiders once system access is obtained. EPSS data not available for risk calibration.
Within 24 hours: Inventory all AMD Ryzen mobile processors in use (6000/7000/8000/AI 300 series) and document current firmware/BIOS versions via IT asset management. Within 7 days: Contact AMD support for microcode/firmware updates and estimated availability timeline; implement enhanced endpoint monitoring focused on PMF drivers and privilege escalation attempts. Within 30 days: Apply AMD Platform Management Framework security updates and microcode patches immediately upon vendor release; for systems where no patch is available, restrict low-privileged user account creation and enforce full-disk encryption on all affected devices.
Edge exposure ICT dependency No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-20: Improper Input Validation)
  • Third-party ICT: AMD
  • No patch available
  • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
  • HIGH severity
  • ICT provider: AMD (Hardware & Firmware)
  • No remediation available
8.4
CVSS
0.0%
EPSS
42
Priority
CVE-2025-29935
This Week
Unpatched
Local privilege escalation in AMD Platform Management Framework (PMF) allows authenticated attackers with low privileges to execute arbitrary code with elevated system privileges through an out-of-bounds write vulnerability. Affects multiple AMD Ryzen processor series (6000, 7035, 7040, 8040, and Embedded R8000) across mobile and embedded platforms. The CVSS 4.0 score of 8.4 reflects high impact to system integrity and availability with changed scope, indicating the attacker can escape the vulnerable component's security context. No active exploitation confirmed in CISA KEV at time of analysis, and public exploit code availability is not indicated in current intelligence.
Within 24 hours: Inventory all systems using affected AMD Ryzen processor families (6000, 7035, 7040, 8040, R8000); assess which devices grant non-administrative users system access. Within 7 days: Restrict local user account creation and login privileges on affected systems; implement application whitelisting on critical embedded devices; contact AMD for patched BIOS/firmware versions if available for your specific hardware SKUs. Within 30 days: Evaluate migration to non-affected processor platforms for high-risk deployments; establish firmware update process upon vendor release; document compensating controls for audit compliance.
Edge exposure ICT dependency No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing technique: rce
  • Third-party ICT: AMD
  • No patch available
  • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
  • HIGH severity
  • ICT provider: AMD (Hardware & Firmware)
  • No remediation available
8.4
CVSS
0.0%
EPSS
42
Priority
CVE-2025-0028
This Week
Unpatched
Local attackers with low-privilege credentials can exploit unchecked return value handling in AMD Platform Management Framework (PMF) to read or write arbitrary memory addresses across multiple AMD Ryzen processor families (6000, 7000, 8000 series). This CWE-252 flaw enables privilege escalation to kernel level, compromising system confidentiality and availability with high impact across both virtualized and physical contexts. AMD has released security bulletin AMD-SB-4015 addressing the vulnerability. No CISA KEV listing or public exploit code has been identified at time of analysis, but the low attack complexity (AC:L) and local privilege requirement (PR:L) suggest exploitation is technically straightforward for attackers with initial system access.
Within 24 hours: Inventory all systems running affected AMD Ryzen processor families (6000, 7000, 8000 series) and restrict low-privileged user account creation on critical infrastructure. Within 7 days: Review and tighten local access controls; apply any BIOS/firmware updates referenced in AMD security bulletin AMD-SB-4015 when available. Within 30 days: Coordinate with AMD for patched chipset drivers or firmware releases and deploy to all affected infrastructure; prioritize virtualized environments and systems with privileged user accounts.
ICT dependency No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Third-party ICT: AMD
  • No patch available
  • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
  • HIGH severity
  • ICT provider: AMD (Hardware & Firmware)
  • No remediation available
8.3
CVSS
0.0%
EPSS
42
Priority
CVE-2025-29938
This Week
Unpatched
Arbitrary code execution and denial of service in AMD Platform Management Framework (PMF) affects Ryzen 7035, 7040, 8040 mobile processors and Ryzen Embedded 8000 series. A local authenticated attacker exploiting an unchecked return value vulnerability can write to arbitrary memory locations, potentially escalating privileges from low to high integrity across system boundaries. The CVSS 4.0 score of 7.1 reflects local attack vector with low complexity but requires specific attack timing conditions (AT:P), though the cross-scope impact (S:H) and high confidentiality/integrity impact to subsequent systems elevate real-world risk for enterprise environments with AMD mobile processors.
Within 24 hours: Identify and inventory all systems running affected AMD Ryzen 7035, 7040, 8040 mobile processors and Ryzen Embedded 8000 series. Within 7 days: Implement access controls restricting local login to essential personnel only; disable unnecessary local user accounts on affected devices; restrict physical access where feasible. Within 30 days: Monitor AMD security advisories for patch availability and establish testing environment for validation; consider risk-based prioritization for device replacement or OS-level hardening if mobile workforce devices are affected.
Edge exposure ICT dependency No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing technique: rce
  • Third-party ICT: AMD
  • No patch available
  • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
  • HIGH severity
  • ICT provider: AMD (Hardware & Firmware)
  • No remediation available
7.1
CVSS
0.0%
EPSS
36
Priority
CVE-2025-48512
This Week
Unpatched
Privilege escalation in AMD GPIO controller driver for Windows allows authenticated local users with low privileges to execute arbitrary code with elevated rights via insecure directory permissions. Affects nearly the entire AMD processor portfolio from Ryzen 3000-series through latest EPYC 9005 and Ryzen AI 300. AMD has released patched chipset drivers (version 7.04.09.545 for most desktop/mobile products, 8.03.16.641 for server platforms) addressing the vulnerability. EPSS score and KEV status not provided in source data, but the local attack vector and user interaction requirement limit remote exploitation risk despite the 7.0 CVSS score.
Within 24 hours: Identify all systems running affected AMD processors (Ryzen 3000-series through Ryzen AI 300 desktop/mobile; EPYC 9005 servers) and their current chipset driver versions. Within 7 days: Deploy patched AMD chipset drivers version 7.04.09.545 for desktop/mobile platforms and version 8.03.16.641 for server platforms; validate deployment across test systems before production rollout. Within 30 days: Complete enterprise-wide driver updates and confirm no systems remain on pre-patch versions through inventory audits.
Edge exposure ICT dependency No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing technique: rce
  • Third-party ICT: AMD
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
  • HIGH severity
  • ICT provider: AMD (Hardware & Firmware)
  • No remediation available
7.0
CVSS
0.0%
EPSS
35
Priority

By Exposure

Internet-facing
8
Mgmt / Admin Plane
0
Identity / Auth
0
Internal only
14

By Exploitability

Known exploited
0
Public PoC
0
High EPSS (>30%)
0
Remote unauthenticated
1
Local only
16

By Remediation

Patch available
4
No patch
18
Workaround available
9
No workaround
9

Affected Services / Product Families

Amd
22 CVE(s)
CVE-2025-0045 MEDIUM Unpatched
CVE-2025-48512 HIGH Unpatched
CVE-2025-48519 HIGH Unpatched
CVE-2025-48520 MEDIUM Unpatched
CVE-2025-48521 MEDIUM Unpatched
CVE-2025-52540 HIGH Unpatched
CVE-2026-0432 HIGH Unpatched
CVE-2025-0028 HIGH Unpatched
CVE-2025-29935 HIGH Unpatched
CVE-2025-29936 HIGH Unpatched
+ 12 more

Recommended Actions

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy