CVE-2025-54511

Summary

Improper handling of insufficient privileges in the AMD Secure Processor (ASP) could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability.

Affected Software

VendorProductVersion RangeStatus
AMDMI-2523.10unaffected
AMDAMD Instinct™ MI250ROCm 6.3unaffected
AMDAMD Instinct™ MI210ROCm 6.3unaffected
AMDAMD Radeon™ PRO V520Contact your AMD Customer Engineering representativeunaffected
AMDAMD Radeon™ PRO V620Contact your AMD Customer Engineering representativeunaffected

Weaknesses

  • CWE-274: CWE-274 Improper Handling of Insufficient Privileges

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References