CVE-2025-62625
6
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Summary
Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in unauthorized access to privileged resources and loss of confidentiality.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| AMD | AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 7000 Series Desktop Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 3000 Series Desktop Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ Threadripper™ 3000 Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 9000HX Series Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ AI 300 Series Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 7000 Series Desktop Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 7000 Series Desktop Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 8000 Series Desktop Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 8000 Series Desktop Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 9000 Series Desktop Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 4000 Series Desktop Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 5000 Series Desktop Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 3000 Series Desktop Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 5000 Series Desktop Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ AI Max 300 Series Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ Threadripper™ 7000 Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | Not public | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ Threadripper™ 9000 Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors | AMD Device Management Portal 3.0.0.895 | unaffected |
| AMD | AMD Device Management Portal (ADMP) | 3.0.0.895 | unaffected |
Weaknesses
- CWE-269: CWE-269 Privilege Escalation
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.