CVE-2025-48515
CVE-2025-48515
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5.4EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
10 fev 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution.
CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
AMD · AMD Ryzen™ 4000 Series Desktop ProcessorsAMD · AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsAMD · AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ GraphicsAMD · AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsAMD · AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ GraphicsAMD · AMD Ryzen™ Embedded V2000 Series ProcessorsQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →