HIGH🇵🇱 Wersja polska

CVE-2025-48510

CVSS 7.1v3.1pub. 2025-11-24upd. 2025-11-26

Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confidentiality or availability.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • Amd Uprof

    APP
    Amd
    < 5.0.1174< 5.0.1223< 5.0.1479
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-31341HIGH7.3ten sam produkt

Insufficient validation of the Input Output Control (IOCTL) input buffer in AMD μProf may allow an authenticat...

CVE-2023-31348HIGH7.3ten sam produkt

A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege escalation, potentiall...

CVE-2023-31349HIGH7.3ten sam produkt

Incorrect default permissions in the AMD μProf installation directory could allow an attacker to achieve privi...

CVE-2026-28237MEDIUM6.8ten sam produkt

Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potent...

CVE-2026-0466MEDIUM6.8ten sam produkt

Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-sh...