Description
A potential vulnerability in a dynamically loaded AMD driver in AMD VBIOS Flash Tool SDK may allow any authenticated user to escalate privileges to NT authority system.
Scores
CVSS v3
7.8
EPSS
0.0005
EPSS Percentile
13.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-749
Status
published
Products (1)
amd/vbios_flash_tool_software_development_kit
< 3.12
Published
Nov 12, 2020
Tracked Since
Feb 18, 2026