CVE-2025-48516

Description

Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotected PMIC interface to create a permanent denial of service condition or affect the integrity of the memory module.

CVSS breakdown

CVSS 4.0

Attack Vector

Local

Attack Complexity

Low

Attack Requirements

None

Privileges Required

Low

User Interaction

None

Confidentiality (Vulnerable System)

None

Integrity (Vulnerable System)

Low

Availability (Vulnerable System)

High

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

Affected products

AMD / AMD Athlon™ 3000 Series Desktop Processors with Radeon™ GraphicsNo fix planned – No fix planned
AMD / AMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsNo fix planned – No fix planned
AMD / AMD Ryzen™ 3000 Series Desktop ProcessorsNo fix planned – No fix planned
AMD / AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ GraphicsNo fix planned – No fix planned
AMD / AMD Ryzen™ 4000 Series Desktop ProcessorsNo fix planned – No fix planned
AMD / AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsNo fix planned – No fix planned
AMD / AMD Ryzen™ 5000 Series Desktop ProcessorsNo fix planned – No fix planned
AMD / AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ GraphicsNo fix planned – No fix planned
AMD / AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsNo fix planned – No fix planned
AMD / AMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsNo fix planned – No fix planned
AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsNo fix planned – No fix planned
AMD / AMD Ryzen™ 7020 Series Processors with Radeon™ GraphicsNo fix planned – No fix planned
AMD / AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ GraphicsNo fix planned – No fix planned
AMD / AMD Ryzen™ 7035 Series Processors with Radeon™ GraphicsNo fix planned – No fix planned
AMD / AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsNo fix planned – No fix planned
AMD / AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsNo fix planned – No fix planned
AMD / AMD Ryzen™ 8000 Series Desktop ProcessorsNo fix planned – No fix planned
AMD / AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ GraphicsNo fix planned – No fix planned
AMD / AMD Ryzen™ 9000HX Series ProcessorsNo fix planned – No fix planned
AMD / AMD Ryzen™ 9000 Series Desktop ProcessorsNo fix planned – No fix planned
AMD / AMD Ryzen™ AI 300 Series ProcessorsNo fix planned – No fix planned
AMD / AMD Ryzen™ AI Max 300 Series ProcessorsNo fix planned – No fix planned
AMD / AMD Ryzen™ Threadripper™ 3000 ProcessorsNo fix planned – No fix planned
AMD / AMD Ryzen™ Threadripper™ 7000 ProcessorsShimadaPeakPI-SP6 1.0.0.1b – ShimadaPeakPI-SP6 1.0.0.1b
AMD / AMD Ryzen™ Threadripper™ 9000 ProcessorsShimadaPeakPI-SP6 1.0.0.1b – ShimadaPeakPI-SP6 1.0.0.1b
AMD / AMD Ryzen™ Threadripper™ PRO 3000 WX-Series ProcessorsNo fix planned – No fix planned
AMD / AMD Ryzen™ Threadripper™ PRO 5000 WX-Series ProcessorsNo fix planned – No fix planned
AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsNo fix planned – No fix planned
AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsShimadaPeakPI-SP6 1.0.0.1b – ShimadaPeakPI-SP6 1.0.0.1b
AMD / AMD Ryzen™ Threadripper™ PRO 9000 WX-Series ProcessorsShimadaPeakPI-SP6 1.0.0.1b – ShimadaPeakPI-SP6 1.0.0.1b
AMD / AMD Ryzen™ Z1 Series ProcessorsNo fix planned – No fix planned
AMD / AMD Ryzen™ Z2 Series ProcessorsNo fix planned – No fix planned
AMD / AMD Ryzen™ Z2 Series Processors ExtremeNo fix planned – No fix planned
AMD / AMD Ryzen™ Z2 Series Processors GoNo fix planned – No fix planned

References

MISChttps://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4017.html