Skip to main content

AMD Platform Management Framework Driver EUVDEUVD-2025-209864

| CVE-2025-52540 HIGH
Out-of-bounds Write (CWE-787)
2026-05-15 AMD GHSA-52rq-4m29-jc22
8.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
8.5 HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Analysis Generated
May 15, 2026 - 04:15 vuln.today
CVSS changed
May 15, 2026 - 02:22 NVD
8.5 (HIGH)
CVE Published
May 15, 2026 - 01:51 nvd
UNKNOWN (no severity yet)
CVE Published
May 15, 2026 - 01:51 nvd
HIGH 8.5

DescriptionCVE.org

An improper input validation vulnerability within the AMD Platform Management Framework (PMF) Driver can allow a local attacker to write Out-of-Bounds, potentially resulting in privilege escalation.

AnalysisAI

Out-of-bounds write in the AMD Platform Management Framework (PMF) Driver enables local authenticated users to escalate privileges on AMD Ryzen 6000/7000/8000 series processors. The vulnerability stems from improper input validation (CWE-787) allowing memory corruption beyond allocated buffer boundaries. Exploitation requires low-privilege local access with low attack complexity (CVSS 4.0: AV:L/AC:L/PR:L), making this a realistic post-compromise escalation vector. AMD released chipset driver version 7.06.02.123 addressing all affected Ryzen series. No public exploit or active exploitation confirmed at time of analysis.

Technical ContextAI

The AMD Platform Management Framework (PMF) is a kernel-level driver component in AMD chipset software that manages power, thermal, and performance tuning for modern Ryzen processors. This vulnerability manifests as CWE-787 (Out-of-bounds Write), where the driver fails to properly validate input parameters before writing to memory buffers. The affected products span AMD's mobile and embedded Ryzen processor lines from 2022-2024: Ryzen 6000 series (Rembrandt, 2022), Ryzen 7035 (Rembrandt R), Ryzen 7040 (Phoenix, 2023), Ryzen 8040 (Hawk Point, 2024), and Ryzen Embedded 8000 series. CPE entries confirm this is a driver vulnerability affecting the software layer rather than processor silicon, requiring both chipset driver installation and Windows/Linux systems running the PMF driver component. The out-of-bounds write condition allows attackers to corrupt adjacent kernel memory structures, leading to arbitrary code execution in kernel context.

RemediationAI

Update AMD chipset drivers to version 7.06.02.123 or later, available from AMD's official download portal or system manufacturer support sites. For AMD Ryzen Embedded 8000 Series, also update graphics driver to version 25.6.1 (branch 25.10.13.01) as specified in AMD Security Bulletin AMD-SB-4015. Organizations should prioritize patching systems where users have local access but should not have administrative privileges (shared workstations, kiosks, multi-user environments). As an interim compensating control where patching is delayed, restrict local access to trusted administrators only and implement application whitelisting to prevent unauthorized driver interactions, though this significantly limits system usability. Monitor for unusual driver loading activity or unexpected privilege escalation attempts via Windows Event ID 4672 (special privileges assigned) or Linux auditd kernel module events. Disable the AMD PMF service if power management features are non-critical, though this will degrade battery life and thermal performance on mobile systems. Full advisory and download links: https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html

More in Amd

View all
CVE-2021-22986 CRITICAL POC
9.8 Mar 31

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.

CVE-2020-6103 CRITICAL POC
9.9 Jul 20

An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.

CVE-2020-6102 CRITICAL POC
9.9 Jul 20

An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.

CVE-2020-6101 CRITICAL POC
9.9 Jul 20

An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.

CVE-2020-6100 CRITICAL POC
9.9 Jul 20

An exploitable memory corruption vulnerability exists in AMD atidxx64.dll 26.20.15019.19000 graphics driver. Rated criti

CVE-2018-6546 CRITICAL POC
9.8 Apr 13

plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming

CVE-2021-3653 HIGH POC
8.8 Sep 29

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. Rated high severity (CVSS 8.8), this vu

CVE-2020-12138 HIGH POC
8.8 Apr 27

AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of se

CVE-2019-5098 HIGH POC
8.6 Dec 05

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. Rated high

CVE-2015-7724 HIGH POC
7.8 Jun 07

AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. Rated high severity (CVSS 7.8),

CVE-2015-7723 HIGH POC
7.8 Jun 07

AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. Rated high severity (CVSS 7.8),

CVE-2023-1048 HIGH POC
7.8 Feb 26

A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5.sys. Rate

Share

EUVD-2025-209864 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy