Insufficient Validation Issue in Xilinx Run Time Framework by AMD
CVE-2025-0007

5.7MEDIUM

Key Information:

Vendor

Amd
Status
Xilinx Run Time (xrt)
Vendor
CVE Published:
24 November 2025

What is CVE-2025-0007?

The Xilinx Run Time framework from AMD contains a flaw that allows local attackers to perform privilege escalation, moving from user space to kernel space. This weakness may lead to significant risks involving confidentiality, integrity, and availability of the system.

Affected Version(s)

Xilinx Run Time (XRT) 2025.1

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:
5.7
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Reported through AMD Bug Bounty Program
JSON
.
CVE-2025-0007 : Insufficient Validation Issue in Xilinx Run Time Framework by AMD