Privilege Escalation Vulnerability in AMD Cloud Manageability Service
CVE-2025-0035

7.3HIGH

Key Information:

Vendor: Amd
Status: Amd Cloud Manageability Service
Vendor: CVE Published:; 13 May 2025

What is CVE-2025-0035?

The AMD Cloud Manageability Service contains an unquoted search path vulnerability that can be exploited by a local attacker. Successful exploitation may allow the attacker to escalate privileges, which could potentially enable them to execute arbitrary code. This could compromise the security integrity of the system and expose sensitive information or operations.

Affected Version(s)

AMD Cloud Manageability Service 2.0.0.262

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2025
Vulnerability Reserved
Nov 21, 2024

Amd

What is CVE-2025-0035?

Affected Version(s)

References

CVSS V3.1

Timeline