Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:H/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:H/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
An unchecked return value within the AMD Platform Management Framework (PMF) could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability.
AnalysisAI
Local attackers with low-privilege credentials can exploit unchecked return value handling in AMD Platform Management Framework (PMF) to read or write arbitrary memory addresses across multiple AMD Ryzen processor families (6000, 7000, 8000 series). This CWE-252 flaw enables privilege escalation to kernel level, compromising system confidentiality and availability with high impact across both virtualized and physical contexts. AMD has released security bulletin AMD-SB-4015 addressing the vulnerability. No CISA KEV listing or public exploit code has been identified at time of analysis, but the low attack complexity (AC:L) and local privilege requirement (PR:L) suggest exploitation is technically straightforward for attackers with initial system access.
Technical ContextAI
AMD Platform Management Framework (PMF) is a kernel-level driver component managing power, thermal, and performance features across AMD Ryzen mobile and embedded processors. The vulnerability stems from CWE-252 (Unchecked Return Value), where the PMF driver fails to properly validate return values from system calls or API functions before using them in memory operations. This allows an attacker to control addresses used in subsequent read/write operations. Affected CPE strings indicate impact across Rembrandt (Ryzen 6000/7035), Phoenix (Ryzen 7040), Hawk Point (Ryzen 8040), and Ryzen Embedded 8000 processor families. The CVSS 4.0 vector shows both victim system (VC:H/VA:H) and subsequent system (SC:H/SA:H) impact, indicating the flaw can affect virtualized environments where guest compromise leads to hypervisor or adjacent VM impact.
RemediationAI
Apply AMD Platform Management Framework driver updates provided in AMD Security Bulletin AMD-SB-4015 (https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html). Download patched PMF drivers from AMD support portal matching your specific processor family and operating system. For Windows systems, update via Windows Update or AMD Software Adrenalin Edition. For Linux systems, update kernel drivers through distribution-specific channels or AMD-provided kernel modules. Until patches are deployed, implement compensating controls by restricting local user privileges through principle of least privilege policies, disabling unnecessary local accounts, and monitoring for unusual kernel-mode driver access patterns using EDR solutions. In virtualized environments, ensure hypervisor isolation controls are maximized and consider temporarily limiting AMD PMF driver loading in guest VMs if power management features are non-critical. Note that disabling PMF entirely may impact laptop battery life optimization and thermal management, requiring trade-off assessment between security and power efficiency.
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.
An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.
An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.
An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.
An exploitable memory corruption vulnerability exists in AMD atidxx64.dll 26.20.15019.19000 graphics driver. Rated criti
plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. Rated high severity (CVSS 8.8), this vu
AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of se
An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. Rated high
AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. Rated high severity (CVSS 7.8),
AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. Rated high severity (CVSS 7.8),
A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5.sys. Rate
Same weakness CWE-252 – Unchecked Return Value
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-209867
GHSA-72v7-rm66-2gr3