CVE-2025-48515 | THREATINT

Description

Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution.

PUBLISHED Reserved 2025-05-22 | Published 2026-02-10 | Updated 2026-02-10 | Assigner AMD

MEDIUM: 5.4CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-190 Integer Overflow or Wraparound

Product status

Default status

affected

RenoirPI-FP6 1.0.0.Ed

unaffected

Default status

affected

CezannePI-FP6_1.0.1.1c

unaffected

Default status

affected

CezannePI-FP6_1.0.1.1c

unaffected

Default status

affected

RenoirPI-FP6_1.0.0.Ec

unaffected

Default status

affected

ComboAM4v2PI_1.2.0.11

unaffected

Default status

affected

EmbeddedPI-FP6_1.0.0.D

unaffected

References

www.amd.com/...es/product-security/bulletin/AMD-SB-4013.html

cve.org (CVE-2025-48515)

nvd.nist.gov (CVE-2025-48515)

Download JSON

help @ threatint.eu