CVE-2025-48515

MEDIUM

AMD Secure Processor < - Memory Corruption

Title source: llm

Description

Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution.

References (1)

[Vendor Advisory] https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html

Scores

CVSS v4 5.4

EPSS 0.0003

EPSS Percentile 7.4%

CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-190

Status published

Products (6)

AMD/AMD Ryzen™ 4000 Series Desktop Processors RenoirPI-FP6_1.0.0.Ec

AMD/AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics RenoirPI-FP6 1.0.0.Ed

AMD/AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics ComboAM4v2PI_1.2.0.11

AMD/AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics CezannePI-FP6_1.0.1.1c

AMD/AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics CezannePI-FP6_1.0.1.1c

AMD/AMD Ryzen™ Embedded V2000 Series Processors EmbeddedPI-FP6_1.0.0.D

Published Feb 10, 2026

Tracked Since Feb 18, 2026