CVE-2025-54502

Summary

Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AMDAMD EPYC™ 9004 Series ProcessorsGenoaPI_1.0.0.Hunaffected
AMDAMD EPYC™ 7003 Series ProcessorsMilanPI-SP3_1.0.0.Junaffected
AMDAMD EPYC™ 7002 Series ProcessorsRome-1.0.0.Punaffected
AMDAMD EPYC™ 4004 Series ProcessorsComboAM5PI 1.0.0.dunaffected
AMDAMD EPYC™ 9005 Series ProcessorsTurinPI-SP5_1.0.0.9unaffected
AMDAMD Instinct™ MI300A Series ProcessorsMI300A 1.0.0.Cunaffected
AMDAMD EPYC™ 9V64H ProcessorMI300C 1.0.0.3unaffected
AMDAMD EPYC™ 8004 Series ProcessorsGenoaPI_1.0.0.Hunaffected
AMDAMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsRenoirPI-FP6 1.0.0.Edunaffected
AMDAMD Ryzen™ 7035 Series Processors with Radeon™ GraphicsRembrandtPI-FP7_1.0.0.Bgunaffected
AMDAMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsPicassoPI-FP5_1.0.1.2eunaffected
AMDAMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7_1.2.0.0funaffected
AMDAMD Ryzen™ 7020 Series Processors with Radeon™ GraphicsMendocinoPI-FT6_1.0.0.7gunaffected
AMDAMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsDragonRangeFL1PI 1.0.0.3kunaffected
AMDAMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.0.0.dunaffected
AMDAMD Ryzen™ 3000 Series Desktop ProcessorsComboAM4v2PI 1.2.0.10unaffected
AMDAMD Ryzen™ Threadripper™ PRO 3000 WX-Series ProcessorsChagallWSPI-sWRX8 1.0.0.Dunaffected
AMDAMD Ryzen™ 7030 Series Mobile Processors with Radeon™ GraphicsCezannePI-FP6_1.0.1.1dunaffected
AMDAMD Ryzen™ Threadripper™ PRO 3000 WX-Series ProcessorsCastlePeakWSPI-sWRX8 1.0.0.Iunaffected
AMDAMD Ryzen™ 9000HX Series ProcessorsFireRangeFL1PI 1.0.0.0dunaffected
AMDAMD Ryzen™ AI 300 Series ProcessorsStrixKrackanPI-FP8_1.1.0.0eunaffected
AMDAMD Ryzen™ Threadripper™ PRO 5000 WX-Series ProcessorsChagallWSPI-sWRX8 1.0.0.Dunaffected
AMDAMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsStormPeakPI-SP6 1.0.0.1munaffected
AMDAMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsStormPeakPI-SP6_1.1.0.0kunaffected
AMDAMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.1.0.3funaffected
AMDAMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.2.0.3hunaffected
AMDAMD Ryzen™ 8000 Series Desktop ProcessorsComboAM5PI 1.1.0.3funaffected
AMDAMD Ryzen™ 8000 Series Desktop ProcessorsComboAM5PI 1.2.0.3hunaffected
AMDAMD Ryzen™ 9000 Series Desktop ProcessorsComboAM5PI 1.2.0.3hunaffected
AMDAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsCezannePI-FP6_1.0.1.1dunaffected
AMDAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsCezannePI-FP6_1.0.1.1dunaffected
AMDAMD Ryzen™ 4000 Series Desktop ProcessorsComboAM4v2PI 1.2.0.10unaffected
AMDAMD Ryzen™ 5000 Series Desktop ProcessorsComboAM4v2PI 1.2.0.10unaffected
AMDAMD Ryzen™ 5000 Series Desktop Processors with Radeon™ GraphicsComboAM4v2PI 1.2.0.10unaffected
AMDAMD Ryzen™ 3000 Series Desktop ProcessorsComboAM4PI 1.0.0.10unaffected
AMDAMD Ryzen™ 8040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7_1.2.0.0funaffected
AMDAMD Ryzen™ 3000 Series Mobile Processors with Radeon™ GraphicsPicassoPI-FP5_1.0.1.2eunaffected
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsRembrandtPI-FP7_1.0.0.Bgunaffected
AMDAMD Ryzen™ AI Max 300 Series ProcessorsStrixHaloPI-FP11_1.0.0.2aunaffected
AMDAMD Ryzen™ Z1 Series ProcessorsStrixKrackanPI-FP8_1.1.0.0eunaffected
AMDAMD Ryzen™ Z1 Series ProcessorsPhoenixPI-FP8-FP7_1.2.0.0funaffected
AMDAMD Ryzen™ Z2 Series Processors ExtremeStrixKrackanPI-FP8_1.1.0.0eunaffected
AMDAMD Ryzen™ Z2 Series ProcessorsPhoenixPI-FP8-FP7_1.2.0.0funaffected
AMDAMD Ryzen™ Z2 Series Processors GoRembrandtPI-FP7_1.0.0.Bgunaffected
AMDAMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsShimadaPeakPI-SP6 1.0.0.1cunaffected
AMDAMD Ryzen™ Threadripper™ 7000 ProcessorsShimadaPeakPI-SP6 1.0.0.1cunaffected
AMDAMD Ryzen™ Threadripper™ 9000 ProcessorsShimadaPeakPI-SP6 1.0.0.1cunaffected
AMDAMD Ryzen™ Threadripper™ PRO 9000 WX-Series ProcessorsShimadaPeakPI-SP6 1.0.0.1cunaffected
AMDAMD Ryzen™ AI 300 Series ProcessorsStrixKrackanPI-FP8_1.1.0.2dunaffected
AMDAMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed “Raphael”)ComboAM5PI 1.2.8.0unaffected
AMDAMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed “Phoenix”)ComboAM5PI 1.2.8.0unaffected
AMDAMD Ryzen™ 9000 Series Desktop Processors (formerly codenamed “Granite Ridge”)ComboAM5PI 1.2.8.0unaffected
AMDAMD EPYC™ Embedded 7003 Series ProcessorsEmbMilanPI-SP3 1.0.0.Dunaffected
AMDAMD EPYC™ Embedded 9004 Series Processors (formerly codenamed “Genoa”)EmbGenoaPI-SP5 1.0.0.Dunaffected
AMDAMD EPYC™ Embedded 7002 Series ProcessorsEmbRomePI-SP3 1.0.0.Funaffected
AMDAMD Ryzen™ Embedded R1000 Series ProcessorsEmbeddedPI-FP5 1213unaffected
AMDAMD Ryzen™ Embedded R2000 Series ProcessorsEmbeddedR2KPI-FP5 1008unaffected
AMDAMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed “Raven Ridge”)EmbeddedPI-FP5 1213unaffected
AMDAMD Ryzen™ Embedded 5000 Series ProcessorsEmbAM4PI 1.0.0.9unaffected
AMDAMD Ryzen™ Embedded V2000 Series ProcessorsEmbeddedPI-FP6_1.0.0.Dunaffected
AMDAMD Ryzen™ Embedded V3000 Series ProcessorsEmbedded-PI_FP7r2 1012unaffected
AMDAMD EPYC™ Embedded 9004 Series Processors (formerly codenamed “Bergamo”)EmbGenoaPI-SP5 1.0.0.Dunaffected
AMDAMD EPYC™ Embedded 8004 Series ProcessorsEmbGenoaPI-SP5 1.0.0.Dunaffected
AMDAMD Ryzen™ Embedded 9000 Series ProcessorsEmbeddedAM5PI 1.0.0.5unaffected
AMDAMD Ryzen™ Embedded 8000 Series ProcessorsEmbeddedPhoenixPI-FP7r2_1.0.0.4unaffected
AMDAMD Ryzen™ Embedded 7000 Series ProcessorsEmbeddedAM5PI 1.0.0.7unaffected
AMDAMD EPYC™ Embedded 9005 Series ProcessorsEmbeddedTurinPI_SP5_1004unaffected

Weaknesses

  • CWE-668: CWE-668 Exposure of Resource to Wrong Sphere

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

AMD Platform Configuration Blob: APCB SMM driver: kernel: linux-firmware: AMD APCB SMM driver: Arbitrary Code Execution via incorrect boot service use

Additional References

References