CVE-2025-0032

CVSS 7.2 HIGHEPSS 0.1%CWE-459

Vexday Risk Score

21Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 7.2EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

06 set 2025Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

Improper cleanup in AMD CPU microcode patch loading could allow an attacker with local administrator privilege to load malicious CPU microcode, potentially resulting in loss of integrity of x86 instruction execution.

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

Produtos afetados

AMD · AMD EPYC™ 9005 Series Processors AMD · AMD EPYC™ Embedded 9000 Series Processors AMD · AMD Ryzen™ 9000HX Series Processors AMD · AMD Ryzen™ 9000 Series Desktop Processors AMD · AMD Ryzen™ AI 300 Series Processors AMD · AMD Ryzen™ Al Max+AMD · AMD Ryzen™ Threadripper™ 9000 series

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3014.html https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html