Description
Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption that could potentially lead to loss of integrity or availability.
Scores
CVSS v3
3.0
EPSS
0.0006
EPSS Percentile
17.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-1284
Status
published
Products (14)
AMD/AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics
ComboAM4v2PI 1.2.0.CA
AMD/AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics
RenoirPI-FP6 1.0.0.D
AMD/AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics
ComboAM4v2PI 1.2.0.CA
AMD/AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics
Cezanne-FP6 1.0.1.0
AMD/AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics
Rembrandt-FP7 1.0.0.A
AMD/AMD Ryzen™ 7000 Series Desktop Processors
ComboAM5 1.1.0.2
AMD/AMD Ryzen™ 7000 Series Mobile Processors
DragonRangeFL1PI 1.0.0.3C
AMD/AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics
Rembrandt-FP7 1.0.0.A
AMD/AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics
PhoenixPI-FP8-FP7 1.1.0.2
AMD/AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics
ComboAM5 1.1.0.2
... and 4 more
Published
Feb 11, 2025
Tracked Since
Feb 18, 2026