CVE-2025-54502
HIGH
2026-04-16
AMD
Privilege Escalation
Information Disclosure
RCE
Amd
Amd Epyc 9004 Series Processors
Amd Epyc 7003 Series Processors
Amd Epyc 7002 Series Processors
Amd Epyc 4004 Series Processors
Amd Epyc 9005 Series Processors
Amd Instinct Mi300A Series Processors
Amd Epyc 9V64H Processor
Amd Epyc 8004 Series Processors
Amd Ryzen 4000 Series Mobile Processors With Radeon Graphics
Amd Ryzen 7035 Series Processors With Radeon Graphics
Amd Athlon 3000 Series Mobile Processors With Radeon Graphics
Amd Ryzen 7040 Series Mobile Processors With Radeon Graphics
Amd Ryzen 7020 Series Processors With Radeon Graphics
Amd Ryzen 7045 Series Mobile Processors With Radeon Graphics
Amd Ryzen 7000 Series Desktop Processors
Amd Ryzen 3000 Series Desktop Processors
Amd Ryzen Threadripper Pro 3000 Wx Series Processors
Amd Ryzen 7030 Series Mobile Processors With Radeon Graphics
Amd Ryzen 9000Hx Series Processors
Amd Ryzen Ai 300 Series Processors
Amd Ryzen Threadripper Pro 5000 Wx Series Processors
Amd Ryzen Threadripper Pro 7000 Wx Series Processors
Amd Ryzen 8000 Series Desktop Processors
Amd Ryzen 9000 Series Desktop Processors
Amd Ryzen 5000 Series Mobile Processors With Radeon Graphics
Amd Ryzen 4000 Series Desktop Processors
Amd Ryzen 5000 Series Desktop Processors
Amd Ryzen 5000 Series Desktop Processors With Radeon Graphics
Amd Ryzen 8040 Series Mobile Processors With Radeon Graphics
Amd Ryzen 3000 Series Mobile Processors With Radeon Graphics
Amd Ryzen 6000 Series Processors With Radeon Graphics
Amd Ryzen Ai Max 300 Series Processors
Amd Ryzen Z1 Series Processors
Amd Ryzen Z2 Series Processors Extreme
Amd Ryzen Z2 Series Processors
Amd Ryzen Z2 Series Processors Go
Amd Ryzen Threadripper 7000 Processors
Amd Ryzen Threadripper 9000 Processors
Amd Ryzen Threadripper Pro 9000 Wx Series Processors
Amd Ryzen 7000 Series Desktop Processors Formerly Codenamed Raphael
Amd Ryzen 8000 Series Desktop Processors Formerly Codenamed Phoenix
Amd Ryzen 9000 Series Desktop Processors Formerly Codenamed Granite Ridge
Amd Epyc Embedded 7003 Series Processors
Amd Epyc Embedded 9004 Series Processors Formerly Codenamed Genoa
Amd Epyc Embedded 7002 Series Processors
Amd Ryzen Embedded R1000 Series Processors
Amd Ryzen Embedded R2000 Series Processors
Amd Ryzen Embedded V1000 Series Processors Formerly Codenamed Raven Ridge
Amd Ryzen Embedded 5000 Series Processors
Amd Ryzen Embedded V2000 Series Processors
Amd Ryzen Embedded V3000 Series Processors
Amd Epyc Embedded 9004 Series Processors Formerly Codenamed Bergamo
Amd Epyc Embedded 8004 Series Processors
Amd Ryzen Embedded 9000 Series Processors
Amd Ryzen Embedded 8000 Series Processors
Amd Ryzen Embedded 7000 Series Processors
Amd Epyc Embedded 9005 Series Processors
7.1
CVSS 4.0
Share
CVSS VectorNVD
CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
X
Lifecycle Timeline
1
CVSS Changed
Apr 16, 2026 - 20:22 NVD
7.1 (HIGH)
DescriptionNVD
Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.
AnalysisAI
Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).