CVE-2024-36333

Summary

A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AMDAMD Radeon™ RX 5000 Series Graphics ProductsAMD Software: Adrenalin Edition 25.10.2 (25.20.21.01 RDNA3+, 25.10.33.02 RDNA1/RDNA2)unaffected
AMDAMD Radeon™ PRO W5000 Series Graphics ProductsAMD Software: PRO Edition 25.Q3.1 (25.10.32 RDNA)unaffected
AMDAMD Radeon™ RX 6000 Series Graphics ProductsAMD Software: Adrenalin Edition 25.10.2 (25.20.21.01 RDNA3+, 25.10.33.02 RDNA1/RDNA2)unaffected
AMDAMD Radeon™ RX 7000 Series Graphics ProductsAMD Software: Adrenalin Edition 25.10.2 (25.20.21.01 RDNA3+, 25.10.33.02 RDNA1/RDNA2)unaffected
AMDAMD Cleanup Utilityhttps://www.amd.com/en/resources/support-articles/faqs/GPU-601.htmlunaffected
AMDAMD Radeon™ PRO W6000 Series Graphics ProductsAMD Software: PRO Edition 25.Q3.1 (25.10.32 RDNA)unaffected
AMDAMD Radeon™ PRO W7000 Series Graphics ProductsAMD Software: PRO Edition 25.Q3.1 (25.10.32 RDNA)unaffected
AMDAMD Radeon™ RX Vega Series Graphics CardsAMD Software: Adrenalin Edition 26.1.1 (23.19.24)unaffected
AMDAMD Radeon™ VIIAMD Software: Adrenalin Edition 26.1.1 (23.19.24)unaffected
AMDAMD Radeon™ PRO WX 8000/9000 Series Graphics CardsAMD Software: PRO Edition 26.Q1 (23.19.24)unaffected
AMDAMD Radeon™ PRO VIIAMD Software: PRO Edition 26.Q1 (23.19.24)unaffected

Weaknesses

  • Security Vulnerability

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References