
AMD AGESA Bootloader Firmware EUVD-2025-209875

CVE-2025-48516 | MEDIUM | CVSS 4.0: 6.9
Incorrect Default Permissions (CWE-276)
2026-05-15 | AMD | GHSA-jfhv-mg7w-4348

CVSS Vector (NVD)

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: X

Lifecycle Timeline

Analysis Generated: May 15, 2026 - 03:33 (vuln.today)
CVSS changed: May 15, 2026 - 03:22 (NVD), 6.9 (MEDIUM)
CVE Published: May 15, 2026 - 02:37 (nvd), MEDIUM 6.9

Description (NVD)

Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotected PMIC interface to create a permanent denial of service condition or affect the integrity of the memory module.

Analysis (AI)

DDR5 memory modules in multiple AMD Ryzen processor families contain an insecure default PMIC (Power Management Integrated Circuit) interface configuration that allows local users with standard privileges to cause permanent denial of service or corrupt memory module integrity via unprotected firmware access. The vulnerability affects Ryzen 4000, 7000, 7020, 7030, 7035, 7040, 7045 series processors and Threadripper Pro 3000 WX-series, requiring local system access but no special privileges or user interaction. No public exploit code or active exploitation has been confirmed at time of analysis.

Technical Context (AI)

The vulnerability stems from inadequate access controls (CWE-276: Incorrect Default Permissions) on the PMIC interface exposed through AGESA Bootloader Firmware in DDR5-capable AMD processors. AGESA is AMD's bootloader and firmware stack responsible for early processor initialization and memory configuration. The PMIC manages power delivery and operating parameters for DDR5 memory modules. The insecure default configuration leaves the PMIC interface unprotected, allowing local unprivileged users to directly interact with memory module firmware through this interface. DDR5 memory specifications include enhanced programmability for power tuning and performance, but this design assumes proper access controls at the firmware level. The lack of privilege isolation on the PMIC interface permits escalation from local user context to memory subsystem manipulation.

Remediation (AI)

AMD has published security bulletin AMD-SB-4017 at https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4017.html with firmware updates addressing this vulnerability. System administrators must obtain and deploy the patched BIOS/AGESA firmware version specific to their motherboard and processor combination from the motherboard manufacturer or AMD, as the fix is delivered through BIOS updates rather than operating system patches.

Before patching, restrict local system access to trusted users only: disable guest accounts, enforce strong authentication, and audit user activity on systems with access to memory tuning tools or firmware interfaces. Compensating control: disable any BIOS/firmware options that expose PMIC interfaces to unprivileged users (often labeled 'Memory Tweaking', 'PXE Boot', or 'AMD Overclocking Control'). If BIOS-level PMIC access control is available, enable maximum restriction.

Note: BIOS updates carry an inherent risk of system failure if interrupted; perform updates only on stable power supplies and follow the motherboard vendor's update procedures strictly. Test firmware updates in non-production environments first. The underlying risk cannot be fully eliminated without an AGESA firmware revision; system-level access controls are temporary measures only.
