CVE-2025-0032 | THREATINT

Description

Improper cleanup in AMD CPU microcode patch loading could allow an attacker with local administrator privilege to load malicious CPU microcode, potentially resulting in loss of integrity of x86 instruction execution.

PUBLISHED Reserved 2024-11-21 | Published 2025-09-06 | Updated 2025-09-09 | Assigner AMD

HIGH: 7.2CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

Problem types

CWE-459 Incomplete Cleanup

Product status

Default status

affected

TurinPI 1.0.0.4

unaffected

Default status

affected

StrixKrackanPI-FP8_1.1.0.1b

unaffected

Default status

affected

ComboAM5PI 1.2.0.3c

unaffected

Default status

affected

FireRangeFL1PI 1.0.0.0a

unaffected

Default status

affected

StrixHaloPI-FP11_1.0.0.1

unaffected

Default status

affected

ShimadaPeakPI-SP6 1.0.0.1

unaffected

Default status

affected

Embturin PI 1.0.0.0

unaffected

References

www.amd.com/...es/product-security/bulletin/AMD-SB-4012.html

www.amd.com/...es/product-security/bulletin/AMD-SB-5007.html

www.amd.com/...es/product-security/bulletin/AMD-SB-3014.html

cve.org (CVE-2025-0032)

nvd.nist.gov (CVE-2025-0032)

Download JSON