Privilege Escalation Vulnerability in AMD Ryzen Master Utility
CVE-2024-21946

7.3HIGH

Key Information:

Vendor: Amd
Status: Ryzen Master Utility For Overclocking Control
Vendor: CVE Published:; 12 November 2024

What is CVE-2024-21946?

A vulnerability exists in the AMD Ryzen Master Utility that arises from incorrect default permissions in the installation directory. This flaw could enable an attacker to exploit the permissions to achieve privilege escalation, potentially allowing them to execute arbitrary code in the context of the affected user. It is crucial for users to review their installations and apply any available security updates to mitigate the associated risks.

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2024

Amd

What is CVE-2024-21946?

References

CVSS V3.1

Timeline