CVE-2025-0032
BaseFortify
Publication date: 2025-09-06
Last updated on: 2025-09-08
Assigner: Advanced Micro Devices Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| amd | ryzen | 4000 |
| amd | epyc_embedded | 7003 |
| amd | epyc | 7001 |
| amd | pro | 5000wx |
| amd | ryzen | 2000 |
| amd | ryzen_embedded | 7000 |
| amd | epyc_embedded | 7002 |
| amd | epyc | 9004 |
| amd | ryzen | 6000 |
| amd | ryzen | 8000 |
| amd | epyc | 7003 |
| amd | pro | 7000 |
| amd | pro | 3000wx |
| amd | ryzen_embedded | 5000 |
| amd | epyc_embedded | 3000 |
| amd | epyc | 7002 |
| amd | epyc_embedded | 900 |
| amd | ryzen_threadripper | 3000 |
| amd | epyc | 4004 |
| amd | client_processor | * |
| amd | ryzen_embedded | v3000 |
| amd | ryzen | 7000 |
| amd | ryzen_embedded | v2000 |
| amd | epyc | 8004 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-459 | The product does not properly "clean up" and remove temporary or supporting resources after they have been used. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves improper cleanup during the loading of AMD CPU microcode patches. An attacker who already has local administrator privileges could exploit this flaw to load malicious CPU microcode, which may compromise the integrity of x86 instruction execution on the affected system.
How can this vulnerability impact me? :
If exploited, this vulnerability could allow an attacker with local administrator access to load malicious microcode onto the CPU, potentially causing incorrect or malicious execution of CPU instructions. This could lead to a loss of system integrity and trustworthiness, affecting the security and reliability of the system.