CVE-2025-62625

Description

Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in unauthorized access to privileged resources and loss of confidentiality.

CVSS breakdown

CVSS 4.0

Attack Vector

Network

Attack Complexity

High

Attack Requirements

None

Privileges Required

Low

User Interaction

None

Confidentiality (Vulnerable System)

High

Integrity (Vulnerable System)

None

Availability (Vulnerable System)

None

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

Affected products

AMD / AMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Device Management Portal (ADMP)3.0.0.895 – 3.0.0.895
AMD / AMD Ryzen™ 3000 Series Desktop ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 4000 Series Desktop ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 5000 Series Desktop ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 7020 Series Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 7035 Series Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 8000 Series Desktop ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 9000HX Series ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ 9000 Series Desktop ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ AI 300 Series ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ AI Max 300 Series ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ Threadripper™ 3000 ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ Threadripper™ 7000 ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ Threadripper™ 9000 ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ Threadripper™ PRO 3000 WX-Series ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ Threadripper™ PRO 5000 WX-Series ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / AMD Ryzen™ Threadripper™ PRO 9000 WX-Series ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
AMD / Not publicAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895

References

MISChttps://www.amd.com/en/resources/product-security/bulletin/AMD-SB-9023.html