CVE-2025-54502

Description

Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.

CVSS breakdown

CVSS 4.0

Attack Vector

Local

Attack Complexity

High

Attack Requirements

None

Privileges Required

High

User Interaction

None

Confidentiality (Vulnerable System)

High

Integrity (Vulnerable System)

High

Availability (Vulnerable System)

High

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

Affected products

AMD / AMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsPicassoPI-FP5_1.0.1.2e – PicassoPI-FP5_1.0.1.2e
AMD / AMD EPYC™ 4004 Series ProcessorsComboAM5PI 1.0.0.d – ComboAM5PI 1.0.0.d
AMD / AMD EPYC™ 7002 Series ProcessorsRome-1.0.0.P – Rome-1.0.0.P
AMD / AMD EPYC™ 7003 Series ProcessorsMilanPI-SP3_1.0.0.J – MilanPI-SP3_1.0.0.J
AMD / AMD EPYC™ 8004 Series ProcessorsGenoaPI_1.0.0.H – GenoaPI_1.0.0.H
AMD / AMD EPYC™ 9004 Series ProcessorsGenoaPI_1.0.0.H – GenoaPI_1.0.0.H
AMD / AMD EPYC™ 9005 Series ProcessorsTurinPI-SP5_1.0.0.9 – TurinPI-SP5_1.0.0.9
AMD / AMD EPYC™ 9V64H ProcessorMI300C 1.0.0.3 – MI300C 1.0.0.3
AMD / AMD EPYC™ Embedded 7002 Series ProcessorsEmbRomePI-SP3 1.0.0.F – EmbRomePI-SP3 1.0.0.F
AMD / AMD EPYC™ Embedded 7003 Series ProcessorsEmbMilanPI-SP3 1.0.0.D – EmbMilanPI-SP3 1.0.0.D
AMD / AMD EPYC™ Embedded 8004 Series ProcessorsEmbGenoaPI-SP5 1.0.0.D – EmbGenoaPI-SP5 1.0.0.D
AMD / AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo")EmbGenoaPI-SP5 1.0.0.D – EmbGenoaPI-SP5 1.0.0.D
AMD / AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa")EmbGenoaPI-SP5 1.0.0.D – EmbGenoaPI-SP5 1.0.0.D
AMD / AMD EPYC™ Embedded 9005 Series ProcessorsEmbeddedTurinPI_SP5_1004 – EmbeddedTurinPI_SP5_1004
AMD / AMD Instinct™ MI300A Series ProcessorsMI300A 1.0.0.C – MI300A 1.0.0.C
AMD / AMD Ryzen™ 3000 Series Desktop ProcessorsComboAM4v2PI 1.2.0.10 – ComboAM4v2PI 1.2.0.10
AMD / AMD Ryzen™ 3000 Series Desktop ProcessorsComboAM4PI 1.0.0.10 – ComboAM4PI 1.0.0.10
AMD / AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ GraphicsPicassoPI-FP5_1.0.1.2e – PicassoPI-FP5_1.0.1.2e
AMD / AMD Ryzen™ 4000 Series Desktop ProcessorsComboAM4v2PI 1.2.0.10 – ComboAM4v2PI 1.2.0.10
AMD / AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsRenoirPI-FP6 1.0.0.Ed – RenoirPI-FP6 1.0.0.Ed
AMD / AMD Ryzen™ 5000 Series Desktop ProcessorsComboAM4v2PI 1.2.0.10 – ComboAM4v2PI 1.2.0.10
AMD / AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ GraphicsComboAM4v2PI 1.2.0.10 – ComboAM4v2PI 1.2.0.10
AMD / AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsCezannePI-FP6_1.0.1.1d – CezannePI-FP6_1.0.1.1d
AMD / AMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsRembrandtPI-FP7_1.0.0.Bg – RembrandtPI-FP7_1.0.0.Bg
AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.2.0.3h – ComboAM5PI 1.2.0.3h
AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.0.0.d – ComboAM5PI 1.0.0.d
AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.1.0.3f – ComboAM5PI 1.1.0.3f
AMD / AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael")ComboAM5PI 1.2.8.0 – ComboAM5PI 1.2.8.0
AMD / AMD Ryzen™ 7020 Series Processors with Radeon™ GraphicsMendocinoPI-FT6_1.0.0.7g – MendocinoPI-FT6_1.0.0.7g
AMD / AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ GraphicsCezannePI-FP6_1.0.1.1d – CezannePI-FP6_1.0.1.1d
AMD / AMD Ryzen™ 7035 Series Processors with Radeon™ GraphicsRembrandtPI-FP7_1.0.0.Bg – RembrandtPI-FP7_1.0.0.Bg
AMD / AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7_1.2.0.0f – PhoenixPI-FP8-FP7_1.2.0.0f
AMD / AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsDragonRangeFL1PI 1.0.0.3k – DragonRangeFL1PI 1.0.0.3k
AMD / AMD Ryzen™ 8000 Series Desktop ProcessorsComboAM5PI 1.2.0.3h – ComboAM5PI 1.2.0.3h
AMD / AMD Ryzen™ 8000 Series Desktop ProcessorsComboAM5PI 1.1.0.3f – ComboAM5PI 1.1.0.3f
AMD / AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix")ComboAM5PI 1.2.8.0 – ComboAM5PI 1.2.8.0
AMD / AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7_1.2.0.0f – PhoenixPI-FP8-FP7_1.2.0.0f
AMD / AMD Ryzen™ 9000HX Series ProcessorsFireRangeFL1PI 1.0.0.0d – FireRangeFL1PI 1.0.0.0d
AMD / AMD Ryzen™ 9000 Series Desktop ProcessorsComboAM5PI 1.2.0.3h – ComboAM5PI 1.2.0.3h
AMD / AMD Ryzen™ 9000 Series Desktop Processors (formerly codenamed "Granite Ridge")ComboAM5PI 1.2.8.0 – ComboAM5PI 1.2.8.0
AMD / AMD Ryzen™ AI 300 Series ProcessorsStrixKrackanPI-FP8_1.1.0.0e – StrixKrackanPI-FP8_1.1.0.0e
AMD / AMD Ryzen™ AI 300 Series ProcessorsStrixKrackanPI-FP8_1.1.0.2d – StrixKrackanPI-FP8_1.1.0.2d
AMD / AMD Ryzen™ AI Max 300 Series ProcessorsStrixHaloPI-FP11_1.0.0.2a – StrixHaloPI-FP11_1.0.0.2a
AMD / AMD Ryzen™ Embedded 5000 Series ProcessorsEmbAM4PI 1.0.0.9 – EmbAM4PI 1.0.0.9
AMD / AMD Ryzen™ Embedded 7000 Series ProcessorsEmbeddedAM5PI 1.0.0.7 – EmbeddedAM5PI 1.0.0.7
AMD / AMD Ryzen™ Embedded 8000 Series ProcessorsEmbeddedPhoenixPI-FP7r2_1.0.0.4 – EmbeddedPhoenixPI-FP7r2_1.0.0.4
AMD / AMD Ryzen™ Embedded 9000 Series ProcessorsEmbeddedAM5PI 1.0.0.5 – EmbeddedAM5PI 1.0.0.5
AMD / AMD Ryzen™ Embedded R1000 Series ProcessorsEmbeddedPI-FP5 1213 – EmbeddedPI-FP5 1213
AMD / AMD Ryzen™ Embedded R2000 Series ProcessorsEmbeddedR2KPI-FP5 1008 – EmbeddedR2KPI-FP5 1008
AMD / AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge")EmbeddedPI-FP5 1213 – EmbeddedPI-FP5 1213
AMD / AMD Ryzen™ Embedded V2000 Series ProcessorsEmbeddedPI-FP6_1.0.0.D – EmbeddedPI-FP6_1.0.0.D
AMD / AMD Ryzen™ Embedded V3000 Series ProcessorsEmbedded-PI_FP7r2 1012 – Embedded-PI_FP7r2 1012
AMD / AMD Ryzen™ Threadripper™ 7000 ProcessorsShimadaPeakPI-SP6 1.0.0.1c – ShimadaPeakPI-SP6 1.0.0.1c
AMD / AMD Ryzen™ Threadripper™ 9000 ProcessorsShimadaPeakPI-SP6 1.0.0.1c – ShimadaPeakPI-SP6 1.0.0.1c
AMD / AMD Ryzen™ Threadripper™ PRO 3000 WX-Series ProcessorsCastlePeakWSPI-sWRX8 1.0.0.I – CastlePeakWSPI-sWRX8 1.0.0.I
AMD / AMD Ryzen™ Threadripper™ PRO 3000 WX-Series ProcessorsChagallWSPI-sWRX8 1.0.0.D – ChagallWSPI-sWRX8 1.0.0.D
AMD / AMD Ryzen™ Threadripper™ PRO 5000 WX-Series ProcessorsChagallWSPI-sWRX8 1.0.0.D – ChagallWSPI-sWRX8 1.0.0.D
AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsStormPeakPI-SP6_1.1.0.0k – StormPeakPI-SP6_1.1.0.0k
AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsShimadaPeakPI-SP6 1.0.0.1c – ShimadaPeakPI-SP6 1.0.0.1c
AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsStormPeakPI-SP6 1.0.0.1m – StormPeakPI-SP6 1.0.0.1m
AMD / AMD Ryzen™ Threadripper™ PRO 9000 WX-Series ProcessorsShimadaPeakPI-SP6 1.0.0.1c – ShimadaPeakPI-SP6 1.0.0.1c
AMD / AMD Ryzen™ Z1 Series ProcessorsPhoenixPI-FP8-FP7_1.2.0.0f – PhoenixPI-FP8-FP7_1.2.0.0f
AMD / AMD Ryzen™ Z1 Series ProcessorsStrixKrackanPI-FP8_1.1.0.0e – StrixKrackanPI-FP8_1.1.0.0e
AMD / AMD Ryzen™ Z2 Series ProcessorsPhoenixPI-FP8-FP7_1.2.0.0f – PhoenixPI-FP8-FP7_1.2.0.0f
AMD / AMD Ryzen™ Z2 Series Processors ExtremeStrixKrackanPI-FP8_1.1.0.0e – StrixKrackanPI-FP8_1.1.0.0e
AMD / AMD Ryzen™ Z2 Series Processors GoRembrandtPI-FP7_1.0.0.Bg – RembrandtPI-FP7_1.0.0.Bg

References

MISChttps://www.amd.com/en/resources/product-security/bulletin/AMD-SB-7054.html