Out-of-Bounds Read Vulnerability in AMD Power Management Firmware
CVE-2025-0044

4.8MEDIUM

Key Information:

Vendor: Amd
Status: Amd Ryzen™ Al Max+; Amd Ryzen™ Ai 300 Series Processors; Amd Ryzen™ 7040 Series Mobile Processors With Radeon™ Graphics; Amd Ryzen™ 8000 Series Desktop Processors
Vendor: CVE Published:; 15 May 2026

What is CVE-2025-0044?

An out-of-bounds read vulnerability exists in AMD's power management firmware that can be exploited by a local attacker with limited privileges. This flaw may result in a partial loss of data confidentiality and availability, potentially exposing sensitive information to unauthorized access. Users are advised to update their firmware to the latest version to mitigate this risk.

Affected Version(s)

AMD Radeon™ PRO W7000 Series Graphics Products AMD Software: PRO Edition 24.Q2 (24.10.20)

AMD Radeon™ RX 7000 Series Graphics Products AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)

AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20)

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 15, 2026
Vulnerability Reserved
Nov 21, 2024

CVE-2025-0044 Data

JSON

Amd

What is CVE-2025-0044?

Affected Version(s)

References

CVSS V4

Timeline