Lucene search
K
AmdRadeon Software

52 matches found

CVE
CVE
added 2022/05/12 6:39 p.m.154 views

CVE-2021-26363

CVE-2021-26363 affects AMD ASP/SMU firmware where a malicious or compromised UApp or ABL could modify the ASP’s reserved DRAM value outside the fenced area, potentially exposing data. The vulnerability is documented in AMD SB-1027 with platform-specific mitigations (e.g., Raven Ridge AM4 family),...

4.4CVSS5.7AI score0.0021EPSS
CVE
CVE
added 2023/10/17 1:26 p.m.132 views

CVE-2023-20598

The CVE concerns the AMD Radeon graphics driver where improper privilege management (insufficient access control) in IOCTL handling could allow an authenticated attacker to craft IOCTLs to access arbitrary hardware ports or physical addresses, potentially enabling arbitrary code execution. The is...

7.8CVSS7.6AI score0.0046EPSS
In wild
CVE
CVE
added 2022/05/12 5:9 p.m.107 views

CVE-2021-26366

CVE-2021-26366 is documented by AMD in AMD-SB-1027 as a vulnerability where an attacker with elevated privileges could read data from Boot ROM, compromising system integrity. The AMD bulletin lists CVE-2021-26366 under desktop/mobile/server SKUs and ties it to AGESA PI firmware fixes. Mitigation:...

7.1CVSS7.1AI score0.0023EPSS
CVE
CVE
added 2022/05/12 6:27 p.m.92 views

CVE-2021-26317

CVE-2021-26317: The AMD SMM protocol verification failure allows an attacker to take control of the SMM protocol and modify SPI flash, potentially enabling arbitrary code execution. Public documentation ties this to AMD’s SMM/ASP/SEV family and lists it among AMD client vulnerabilities with a hig...

7.8CVSS8.1AI score0.00268EPSS
CVE
CVE
added 2022/05/12 5:43 p.m.91 views

CVE-2021-26362

Summary: CVE-2021-26362 describes a vulnerability in AMD System Management Unit (SMU) where a malicious or compromised UApp/ABL can issue a malformed system call to map sensitive SMN registers, potentially compromising integrity and availability. The CVE is associated with AMD platforms and is mi...

7.1CVSS7.2AI score0.00209EPSS
CVE
CVE
added 2021/06/11 9:50 p.m.89 views

CVE-2020-12985

CVE-2020-12985 refers to an insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10, which may lead to escalation of privileges or a denial of service. Affected product: AMD Graphics Driver for Windows 10. Root cause: insufficient pointer validation in the driver. ...

7.8CVSS7.8AI score0.00261EPSS
CVE
CVE
added 2022/05/12 5:46 p.m.89 views

CVE-2021-26361

The CVE-2021-26361 vulnerability affects AMD ASP/AGESA Boot Loader where a malicious or compromised UApp or ABL could exfiltrate arbitrary memory from the ASP stage 2 bootloader, leading to information disclosure. The issue is tied to the boot firmware stack (AGESA PI) across multiple AMD platfor...

5.5CVSS6AI score0.00227EPSS
CVE
CVE
added 2022/11/09 8:44 p.m.88 views

CVE-2020-12930

CVE-2020-12930 is an AMD ASP/PSP driver vulnerability described as improper parameter handling that could allow a privileged attacker to elevate privileges, potentially compromising integrity. The AMD security bulletin AMD-SB-5001 maps this CVE to various AMD Embedded/ Ryzen platforms and provide...

7.8CVSS7.5AI score0.00251EPSS
CVE
CVE
added 2021/06/11 9:49 p.m.87 views

CVE-2020-12981

CVE-2020-12981 affects AMD Graphics Driver for Windows 10. It stems from insufficient input validation in the driver, allowing unprivileged users to unload the driver and potentially cause memory corruption in high-privileged processes, leading to privilege escalation or denial of service. Remedi...

7.8CVSS7.5AI score0.00278EPSS
CVE
CVE
added 2022/05/12 5:7 p.m.87 views

CVE-2021-26369

CVE-2021-26369 : AMD systems vulnerable when a malicious or compromised UApp or ABL sends a malformed system call to the bootloader, causing out-of-bounds memory accesses in the AMD System Management Unit/boot path. The AMD bulletin AMD-SB-1027 aggregates this with multiple platform family mitiga...

7.8CVSS7.8AI score0.00229EPSS
CVE
CVE
added 2022/11/09 8:44 p.m.86 views

CVE-2021-26393

CVE-2021-26393 describes insufficient memory cleanup in the AMD Secure Processor (ASP) TEE, which could allow an authenticated user with privileges to generate a valid signed TA and potentially poison process memory, leading to confidentiality loss. The connected AMD security bulletin (AMD-SB-500...

5.5CVSS6.2AI score0.00247EPSS
CVE
CVE
added 2021/06/11 9:49 p.m.85 views

CVE-2020-12982

CVE-2020-12982 is an issue in the AMD Graphics Driver for Windows 10 describing an invalid object pointer free vulnerability that could lead to privilege escalation or denial of service . The AMD security bulletin AMD-SB-1000 attributes this CVE to the AMD graphics stack and lists mitigations: Ra...

7.8CVSS7.8AI score0.00261EPSS
CVE
CVE
added 2022/02/04 10:29 p.m.84 views

CVE-2020-12891

CVE-2020-12891 (AMD Radeon Software) vulnerability involves DLL hijacking via the DLL search path. An unprivileged user could drop a malicious DLL in any location on the PATH, potentially impacting AMD Radeon Software for Windows. Affected: AMD Radeon Software for Windows 10 and related AMD Graph...

7.8CVSS7.5AI score0.00254EPSS
CVE
CVE
added 2021/11/15 3:48 p.m.82 views

CVE-2020-12902

AMD Graphics Driver for Windows 10 is affected by CVE-2020-12902, described as Arbitrary Decrement Privilege Escalation. The vulnerability is noted in multiple sources (NVD entry and Intel advisory) as a local-exploitation issue with potential for privilege escalation and denial of service. The A...

7.8CVSS7.8AI score0.00238EPSS
CVE
CVE
added 2022/11/09 8:44 p.m.82 views

CVE-2020-12931

The CVE-2020-12931 issue affects the AMD Secure Processor (ASP) kernel, caused by improper parameter handling, enabling a privileged attacker to elevate privileges and potentially compromise integrity. AMD’s AMD-SB-5001 bulletin maps this vulnerability across ASP/PSP components (ASP kernel) and p...

7.8CVSS7.3AI score0.00251EPSS
CVE
CVE
added 2021/06/11 9:49 p.m.81 views

CVE-2020-12983

CVE-2020-12983 : The AMD Graphics Driver for Windows 10 contains an out-of-bounds write vulnerability that may lead to privilege escalation or denial of service. AMD-SB-1000 details the affected products and mitigations, listing mitigated versions starting at 20.7.1+ for AMD Radeon Software (Ente...

7.8CVSS7.8AI score0.00261EPSS
CVE
CVE
added 2021/06/11 9:50 p.m.80 views

CVE-2020-12986

CVE-2020-12986 is an AMD Graphics Driver for Windows 10 vulnerability described as an insufficient pointer validation issue that can enable arbitrary code execution in the kernel, causing privilege escalation or denial of service. The AMD Security Bulletin AMD-SB-1000 lists this CVE and notes mit...

7.8CVSS8.1AI score0.00313EPSS
CVE
CVE
added 2021/06/11 9:49 p.m.79 views

CVE-2020-12980

CVE-2020-12980 is a vulnerability in the AMD Graphics Driver for Windows 10 described as an out-of-bounds write and read . The available connected documents confirm the affected component and the impact: potential for escalation of privilege or denial of service . The AMD security bulletin AMD-SB...

7.8CVSS7.8AI score0.00261EPSS
CVE
CVE
added 2021/11/15 7:48 p.m.78 views

CVE-2020-12894

CVE-2020-12894 affects AMD Graphics Driver for Windows 10. Root cause: Arbitrary Write in Escape 0x40010d, potentially allowing arbitrary writes to kernel memory and denial of service. Mitigations are available: AMD bulletin AMD-SB-1000 lists mitigated versions (e.g., 20.7.1+ for AMD Radeon Softw...

7.1CVSS7.1AI score0.00231EPSS
CVE
CVE
added 2022/11/09 8:44 p.m.78 views

CVE-2021-26392

CVE-2021-26392 involves insufficient verification of a missing size check in LoadModule, leading to an out-of-bounds write that could enable code execution in the OS/kernel via loading a malicious TA. AMD’s related bulletin (AMD-SB-5001) labels this CVE as Medium and provides mitigations through ...

7.8CVSS8.1AI score0.0026EPSS
CVE
CVE
added 2023/11/14 6:50 p.m.78 views

CVE-2021-46748

CVE-2021-46748 involves insufficient bounds checking in the AMD Secure Processor (ASP), potentially allowing a local attacker to access memory outside the bounds allowed to a Trusted Application, causing a denial of service. Connected sources confirm impact on AMD graphics components and ASP inte...

5.5CVSS5.6AI score0.00211EPSS
CVE
CVE
added 2022/11/09 8:44 p.m.77 views

CVE-2021-26360

CVE-2021-26360 describes a local-attack vulnerability in the AMD Secure Processor (ASP) where an attacker with local access can modify the security configuration of the SOC registers, potentially corrupting the ASP’s encrypted memory and enabling arbitrary code execution in the ASP environment. T...

7.8CVSS7.9AI score0.00213EPSS
CVE
CVE
added 2021/06/11 9:50 p.m.75 views

CVE-2020-12987

CVE-2020-12987 is a vulnerability described as a heap information leak/kernel pool address disclosure in the AMD Graphics Driver for Windows 10, potentially enabling a KASLR bypass. The AMD bulletins and third-party references confirm the affected product: AMD Graphics Driver for Windows 10, with...

5.5CVSS5.8AI score0.00276EPSS
CVE
CVE
added 2022/11/09 8:44 p.m.75 views

CVE-2021-26391

CVE-2021-26391 affects AMD firmware/TPM-like trust environment: insufficient verification of multiple header signatures when loading a Trusted Application (TA) may allow a privileged attacker to gain code execution in the TA or OS/kernel. AMD-SB-4001 lists this CVE as Medium severity and provides...

7.8CVSS7.9AI score0.00172EPSS
CVE
CVE
added 2021/11/15 2:51 p.m.70 views

CVE-2020-12964

CVE-2020-12964 affects the AMD Radeon Kernel Driver Escape 0x2000c00 Call handler. A local attacker could escalate privileges, trigger a DoS via Windows BugCheck, or leak information. AMD’s bulletin AMD-SB-1000 associates mitigations with specific driver versions: AMD Radeon Software for Windows ...

7.8CVSS7.4AI score0.00238EPSS
CVE
CVE
added 2021/11/15 3:27 p.m.69 views

CVE-2020-12900

CVE-2020-12900 is an arbitrary write vulnerability affecting the AMD Radeon Graphics Driver for Windows 10. The AMD Radeon Graphics Driver for Windows 10 is the affected product; the flaw potentially allows unprivileged users to gain Escalation of Privileges and cause Denial of Service. According...

7.8CVSS7.7AI score0.00238EPSS
CVE
CVE
added 2024/08/13 4:50 p.m.69 views

CVE-2021-26367

CVE-2021-26367 describes a vulnerability where an attacker with local access could cause a misconfiguration of the Trusted Memory Regions (TMRs) on AMD platforms with AMD Secure Processor (ASP). The root cause is misconfiguration of TMR address ranges, potentially enabling an attacker to set an a...

6CVSS7.2AI score0.00157EPSS
CVE
CVE
added 2021/11/15 7:44 p.m.67 views

CVE-2020-12903

CVE-2020-12903 is an Out of Bounds Write and Read in the AMD Graphics Driver for Windows 10, specifically in Escape 0x6002d03, which may lead to escalation of privilege or denial of service. Affected product: AMD Graphics Driver for Windows 10. The AMD Security Bulletin AMD-SB-1000 documents this...

7.8CVSS7.8AI score0.00253EPSS
CVE
CVE
added 2021/11/15 6:58 p.m.66 views

CVE-2020-12898

CVE-2020-12898 is a Stack Buffer Overflow in the AMD Graphics Driver for Windows 10. Affected: AMD Graphics Driver for Windows 10. Risk: escalation of privilege or denial of service (per NVD). Root cause: stack overflow in the driver’s code path. Mitigation: AMD bulletin AMD-SB-1000 lists CVE-202...

7.8CVSS7.8AI score0.00256EPSS
CVE
CVE
added 2021/11/15 7:40 p.m.66 views

CVE-2020-12905

CVE-2020-12905 affects AMD Graphics Driver for Windows 10 (Escape 0x3004403) with an Out-of-Bounds Read that can lead to arbitrary information disclosure. Affected component is the AMD Graphics Driver; root cause is an out-of-bounds read in the Escape handling. The CVE is listed in multiple sourc...

5.5CVSS5.8AI score0.00251EPSS
CVE
CVE
added 2021/11/15 7:42 p.m.66 views

CVE-2020-12962

CVE-2020-12962 affects the AMD Graphics Driver for Windows. Vulnerability: Escape call interface may lead to privilege escalation. Affected product: AMD Graphics Driver for Windows 10; root cause tied to Escape call interface handling. Impact: local privilege escalation with high CVSS v3.1 score ...

7.8CVSS7.6AI score0.00253EPSS
CVE
CVE
added 2023/11/14 6:51 p.m.66 views

CVE-2023-31320

CVE-2023-31320 affects the AMD Radeon Graphics display driver. The root cause is improper input validation, which can allow an attacker to corrupt the display and potentially cause a denial of service. According to NVD, CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (base score 7.5, HIGH). AMD’s ...

7.5CVSS7.3AI score0.01261EPSS
CVE
CVE
added 2021/11/15 3:56 p.m.65 views

CVE-2020-12895

Vulnerability CVE-2020-12895: Pool/Heap Overflow in AMD Graphics Driver for Windows 10 (Escape 0x110037) can lead to escalation of privilege, information disclosure, or denial of service. Affected product: AMD Graphics Driver for Windows 10. Root cause: heap/ pool overflow in Escape call handling...

7.8CVSS7.6AI score0.00246EPSS
CVE
CVE
added 2023/11/14 6:51 p.m.65 views

CVE-2023-20567

The CVE-2023-20567 entry concerns the Radeon RX Vega M Graphics driver for Windows, with the root cause being improper signature verification in AMDSoftwareInstaller.exe. This vulnerability could allow an attacker with admin privileges to execute arbitrary code by launching the signed-update tool...

6.7CVSS7.1AI score0.00158EPSS
CVE
CVE
added 2024/11/12 5:14 p.m.65 views

CVE-2024-21937

CVE-2024-21937 concerns the AMD HIP SDK installation directory where incorrect default ACL permissions are inherited from the parent folder. This could allow a local, low-privileged attacker to escalate privileges and potentially achieve arbitrary code execution. The AMD-SB-6015 bulletin document...

7.8CVSS8AI score0.00262EPSS
CVE
CVE
added 2021/11/15 7:45 p.m.61 views

CVE-2020-12893

CVE-2020-12893 affects AMD Graphics Driver for Windows 10. The vendor data indicates a Stack Buffer Overflow in the driver’s Escape 0x15002a path, which may lead to escalation of privilege or denial of service. Affected product family is the AMD Graphics Driver for Windows 10; mitigation is avail...

7.8CVSS7.8AI score0.00256EPSS
CVE
CVE
added 2021/11/15 3:44 p.m.61 views

CVE-2020-12897

CVE-2020-12897 affects AMD Graphics Driver for Windows 10. It describes a Kernel Pool Address disclosure that may lead to a KASLR bypass, enabling information disclosure and potential privilege escalation on a local system. The AMD bulletin AMD-SB-1000 documents mitigations and assigns patched ve...

5.5CVSS5.9AI score0.00239EPSS
CVE
CVE
added 2023/11/14 6:51 p.m.61 views

CVE-2023-20568

CVE-2023-20568 involves improper signature verification in the Radeon RX Vega M Graphics driver for Windows, allowing an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature and potentially achieve arbitrary code execution. The issue affects Radeon RX...

6.7CVSS7.1AI score0.00158EPSS
CVE
CVE
added 2021/11/15 3:12 p.m.60 views

CVE-2020-12904

CVE-2020-12904 affects AMD Graphics Driver for Windows 10. Issue: Out of Bounds Read in Escape 0x3004203, leading to potential information disclosure. Affected product: AMD Graphics Driver for Windows 10. Impact: partial information disclosure (per CVSS data: local, low to medium, confidentiality...

5.5CVSS5.8AI score0.00237EPSS
CVE
CVE
added 2021/11/15 3:50 p.m.59 views

CVE-2020-12920

CVE-2020-12920 refers to a potential denial-of-service issue in the AMD Display/Graphics Driver when handling Escape 0x130007 calls, where a low-privilege local attacker could trigger a Windows BugCheck. The vulnerability affects AMD Graphics Driver for Windows 10 and is documented in AMD’s secur...

5.5CVSS5.9AI score0.00212EPSS
CVE
CVE
added 2021/11/15 3:58 p.m.58 views

CVE-2020-12963

CVE-2020-12963 is an insufficent pointer validation vulnerability in the AMD Graphics Driver for Windows 10. It affects AMD Graphics Driver for Windows 10; unprivileged users could compromise the system. Mitigations: update to AMD Radeon Software / Enterprise Driver versions 20.11.2+ (and 21.Q1 E...

7.8CVSS7.5AI score0.00253EPSS
CVE
CVE
added 2021/11/15 3:52 p.m.57 views

CVE-2020-12929

CVE-2020-12929 affects the AMD Graphics Driver for Windows 10. It is caused by improper parameter validation in some trusted PSP applications, enabling a local attacker to bypass security restrictions and achieve arbitrary code execution. According to AMD’s bulletin, this CVE is mitigated in Rade...

7.8CVSS7.8AI score0.00257EPSS
CVE
CVE
added 2024/08/13 4:52 p.m.56 views

CVE-2023-20510

CVE-2023-20510 involves insufficient DRAM address validation in PMFW, allowing a privileged local attacker to read from an invalid DRAM address into SRAM, potentially causing data corruption or a denial of service. Affected component: PMFW; underlying cause: DRAM address validation flaw. The prov...

6CVSS7.1AI score0.00145EPSS
CVE
CVE
added 2021/11/15 7:20 p.m.55 views

CVE-2020-12901

CVE-2020-12901 affects the AMD Graphics Driver for Windows 10, with the issue described as Arbitrary Free After Use that may lead to a KASLR bypass or information disclosure. Connected sources confirm the affected product (AMD Graphics Driver for Windows 10) and the underlying consequence. Mitiga...

5.5CVSS5.5AI score0.00253EPSS
CVE
CVE
added 2021/11/15 6:39 p.m.54 views

CVE-2020-12892

CVE-2020-12892 is an AMD graphics driver vulnerability affecting Windows 10 AMD Radeon Software and Radeon Settings Installer. Root cause: an untrusted search path in the installer could allow privilege escalation or unauthorized code execution. Impact per sources: local privilege escalation with...

7.8CVSS7.9AI score0.00304EPSS
CVE
CVE
added 2021/11/15 3:29 p.m.52 views

CVE-2020-12899

CVE-2020-12899 is an Arbitrary Read vulnerability in AMD Graphics Driver for Windows 10 that may enable KASLR bypass or denial of service. Connected sources confirm the AMD driver as affected and cite mitigations: AMD-SB-1000 lists updated driver versions (e.g., 20.11.2+ for some packages and 21....

7.1CVSS7.1AI score0.00233EPSS
CVE
CVE
added 2021/11/15 7:47 p.m.50 views

CVE-2020-12960

CVE-2020-12960 affects AMD Graphics Driver for Windows 10, specifically the amdfender.sys component. The issue is an input validation fault in InputBuffer that may cause a denial of service. Affected product family is AMD Graphics Driver for Windows 10 (kernel/user-space interaction via amdfender...

5.5CVSS5.6AI score0.00225EPSS
CVE
CVE
added 2023/08/08 5:5 p.m.49 views

CVE-2023-20586

CVE-2023-20586 affects Radeon Software Crimson ReLive Edition. The issue is an insufficient bounds check that may allow an out-of-bounds read via an IRP, potentially enabling privilege escalation. The AMD bulletin AMD-SB-6007 notes the software falls outside the security lifecycle and AMD does no...

9.8CVSS9.7AI score0.00811EPSS
CVE
CVE
added 2024/08/13 4:54 p.m.49 views

CVE-2023-31307

CVE-2023-31307 involves improper validation of an array index in Power Management Firmware (PMFW), allowing a local, privileged attacker to trigger an out-of-bounds memory read and potentially cause a denial of service. The issue is documented across multiple sources, referencing PMFW as the vuln...

4.4CVSS6.9AI score0.00153EPSS
CVE
CVE
added 2026/02/11 2:35 p.m.18 views

CVE-2023-20548

CVE-2023-20548 describes a TOCTOU race in the AMD Secure Processor (ASP) that could lead to memory corruption with impacts to integrity, confidentiality, and availability. Affected component is ASP; the underlying issue is a race condition between checks and usage that attackers could potentially...

7.8CVSS5.5AI score0.00101EPSS
Total number of security vulnerabilities52