Skip to main content

AMD GPIO Controller CVE-2025-48512

| EUVDEUVD-2025-209861 HIGH
Incorrect Default Permissions (CWE-276)
2026-05-15 AMD GHSA-jgpx-6rhq-7873
7.0
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.0 HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
A
Scope
X

Lifecycle Timeline

4
Analysis Generated
May 15, 2026 - 04:15 vuln.today
CVSS changed
May 15, 2026 - 02:22 NVD
7.0 (HIGH)
CVE Published
May 15, 2026 - 01:45 nvd
UNKNOWN (no severity yet)
CVE Published
May 15, 2026 - 01:45 nvd
HIGH 7.0

DescriptionCVE.org

Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.

AnalysisAI

Privilege escalation in AMD GPIO controller driver for Windows allows authenticated local users with low privileges to execute arbitrary code with elevated rights via insecure directory permissions. Affects nearly the entire AMD processor portfolio from Ryzen 3000-series through latest EPYC 9005 and Ryzen AI 300. AMD has released patched chipset drivers (version 7.04.09.545 for most desktop/mobile products, 8.03.16.641 for server platforms) addressing the vulnerability. EPSS score and KEV status not provided in source data, but the local attack vector and user interaction requirement limit remote exploitation risk despite the 7.0 CVSS score.

Technical ContextAI

The vulnerability resides in AMD's GPIO (General-Purpose Input/Output) controller driver for Windows, classified as CWE-276 (Incorrect Default Permissions). GPIO controllers provide low-level hardware access for processor pin control and system management functions. The installation directory permissions issue allows users with limited privileges to modify or replace driver components. This affects AMD's chipset driver package across multiple processor architectures spanning seven years of product releases, from Zen 2 (Matisse/Picasso) through Zen 5 (Granite Ridge/Strix Point), including desktop Ryzen, mobile APUs, Threadripper workstation processors, and datacenter EPYC platforms. The CPE strings identify affected products as AMD Ryzen 3000-9000 series, Athlon 3000 series, Threadripper 3000-7000 series, and EPYC 7001-9005 series processors. The vulnerability exists in the Windows driver installation mechanism rather than processor silicon, indicating a software packaging/deployment flaw in AMD's chipset driver distribution.

RemediationAI

Install patched AMD chipset drivers immediately: version 7.04.09.545 for consumer desktop/mobile platforms (Ryzen 3000-9000, Threadripper, Athlon), version 8.03.16.641 for server platforms (EPYC 9004/9005, Instinct MI300A), version 8.03.14.329 for EPYC 7001-7003 series, or product-specific versions for embedded systems as detailed in AMD security bulletin AMD-SB-4015 (https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html). Patched drivers are available through AMD Download Center or Windows Update depending on OEM configuration. For systems where immediate patching is not feasible, implement compensating controls: restrict physical and RDP access to trusted users only, enable Windows User Account Control at highest setting to force elevation prompts, monitor AMD GPIO driver directory (typically C:\Program Files\AMD or C:\AMD) for unauthorized file modifications using file integrity monitoring tools, and apply principle of least privilege by removing local administrator rights from standard user accounts. Note that disabling the GPIO driver may impact system stability or hardware monitoring functionality depending on motherboard implementation. Validate patch deployment by verifying driver version in Device Manager under System Devices or via PowerShell command Get-WmiObject Win32_PnPSignedDriver filtering for AMD GPIO. Organizations using AMD EPYC embedded systems should consult OEM vendors for firmware updates incorporating patched drivers, with some embedded platforms not receiving fixes until Q2-Q4 2025 per AMD's disclosure timeline.

More in Amd

View all
CVE-2021-22986 CRITICAL POC
9.8 Mar 31

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.

CVE-2020-6103 CRITICAL POC
9.9 Jul 20

An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.

CVE-2020-6102 CRITICAL POC
9.9 Jul 20

An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.

CVE-2020-6101 CRITICAL POC
9.9 Jul 20

An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.

CVE-2020-6100 CRITICAL POC
9.9 Jul 20

An exploitable memory corruption vulnerability exists in AMD atidxx64.dll 26.20.15019.19000 graphics driver. Rated criti

CVE-2018-6546 CRITICAL POC
9.8 Apr 13

plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming

CVE-2021-3653 HIGH POC
8.8 Sep 29

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. Rated high severity (CVSS 8.8), this vu

CVE-2020-12138 HIGH POC
8.8 Apr 27

AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of se

CVE-2019-5098 HIGH POC
8.6 Dec 05

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. Rated high

CVE-2015-7724 HIGH POC
7.8 Jun 07

AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. Rated high severity (CVSS 7.8),

CVE-2015-7723 HIGH POC
7.8 Jun 07

AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. Rated high severity (CVSS 7.8),

CVE-2023-1048 HIGH POC
7.8 Feb 26

A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5.sys. Rate

Share

CVE-2025-48512 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy