DLL Hijacking Vulnerability in AMD Cleanup Utility
CVE-2024-36333

7HIGH

Key Information:

Vendor: Amd
Status: Amd Radeon™ Rx 5000 Series Graphics Products; Amd Radeon™ Pro W5000 Series Graphics Products; Amd Radeon™ Rx 6000 Series Graphics Products; Amd Radeon™ Rx 7000 Series Graphics Products
Vendor: CVE Published:; 15 May 2026

What is CVE-2024-36333?

A DLL hijacking vulnerability exists in the AMD Cleanup Utility, which may allow attackers to execute arbitrary code with elevated privileges. By exploiting this weakness, an attacker could manipulate the application to load malicious dynamic link libraries, leading to unauthorized access and control over the affected system.

Affected Version(s)

AMD Cleanup Utility https://www.amd.com/en/resources/support-articles/faqs/GPU-601.html

AMD Radeon™ PRO VII AMD Software: PRO Edition 26.Q1 (23.19.24)

AMD Radeon™ PRO W5000 Series Graphics Products AMD Software: PRO Edition 25.Q3.1 (25.10.32 RDNA)

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 15, 2026
Vulnerability Reserved
May 23, 2024

Credit

Reported through AMD Bug Bounty Program

CVE-2024-36333 Data

JSON

Amd

What is CVE-2024-36333?

Affected Version(s)

References

CVSS V4

Timeline

Credit