Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read or write Out-of-Bounds, potentially resulting in privilege escalation
AnalysisAI
Out-of-bounds read/write in AMD Platform Management Framework (PMF) driver allows local authenticated users to escalate privileges on Ryzen 6000/7000/8000 series processors. AMD has released patched chipset software version 7.06.02.123 addressing the improper input validation vulnerability. No public exploit code identified and CISA has not added this to KEV, indicating exploitation is not yet confirmed in real-world attacks despite the high CVSS score. Attackers must already have local system access with standard user privileges to exploit this vulnerability.
Technical ContextAI
The AMD Platform Management Framework (PMF) driver is a kernel-mode component included in AMD Chipset Software packages for Ryzen processors. This driver manages power and performance features on AMD mobile and embedded platforms. The vulnerability stems from improper input validation (CWE-787: Out-of-bounds Write) where user-supplied input to the driver is not properly sanitized before being used in memory operations. This allows crafted IOCTL requests or other driver interfaces to cause the kernel driver to read or write memory outside allocated buffers. Since the driver operates at Ring 0 (kernel mode), successful exploitation allows an attacker to corrupt kernel memory structures, potentially hijacking execution flow or modifying security tokens to gain SYSTEM/root privileges. The affected CPE strings identify specific Ryzen processor generations (Rembrandt, Rembrandt R, Phoenix, Hawk Point) and their corresponding chipset driver packages across consumer mobile (6000/7000/8000 series) and embedded (8000 series) product lines.
RemediationAI
Install AMD Chipset Software version 7.06.02.123 or later, available from the AMD driver download portal or system manufacturer support sites. Download the appropriate installer (amd_chipset_software_7.06.02.123.exe for Windows systems) from https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html and follow the installation wizard. Reboot the system after installation to load the patched PMF driver. For enterprise deployments, distribute the updated driver package through existing software management systems (SCCM, Intune, Ansible). If immediate patching is not possible, implement compensating controls by restricting local logon access to trusted administrators only, disabling standard user accounts on affected systems, or deploying application control policies (AppLocker, Windows Defender Application Control) to block unsigned kernel driver loads. Note that restricting local access reduces usability on shared workstations and does not protect against insider threats or already-compromised user accounts. Verify patch deployment by checking driver version properties for the amd_pmf.sys file or querying AMD Chipset Software version through Windows Programs and Features.
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.
An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.
An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.
An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.
An exploitable memory corruption vulnerability exists in AMD atidxx64.dll 26.20.15019.19000 graphics driver. Rated criti
plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. Rated high severity (CVSS 8.8), this vu
AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of se
An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. Rated high
AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. Rated high severity (CVSS 7.8),
AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. Rated high severity (CVSS 7.8),
A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5.sys. Rate
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-209866
GHSA-g9q8-j7rw-6w88