Amd.comAMD-SB-1052AMD Ryzen™ Master Security Bulletin
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
Bulletin ID: AMD-SB-1052 **Potential Impact:**Privilege Escalation Severity: High
Summary
AMD Ryzen™ Master is a software tool that gives users advanced, real-time control of system performance. AMD Ryzen™ Master allows the user to control various clock and voltage settings in real time.
CVE Details
CVE-2022-27677
Failure to validate privileges during installation of AMD Ryzen™ Master may allow an attacker with low privileges to modify files potentially leading to privilege escalation and code execution by the lower privileged user.
Affected Products
AMD Ryzen™ Master, AMD Ryzen™ Master Monitoring SDK
Mitigation
| OS | Version | Firmware |
|---|---|---|
| Windows 11 | ||
| 2.10.1.2287 | AMD recommends updating to AMD Ryzen™ Master 2.10.1.2287 or higher available here: <https://download.amd.com/Desktop/AMD-Ryzen-Master.exe>AMD recommends updating to AMD Ryzen™ Master Monitoring SDK 2.10.1.2287 or higher available here: https://www.amd.com/en/developer/ryzen-master-monitoring-sdk.html | |
| Windows 10 |
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%