Improper Input Validation in AMD uprof Allows Local Attacker to Overwrite MSR Registers
CVE-2025-48502

5.5MEDIUM

Key Information:

Vendor: Amd
Status: Amd Μprof
Vendor: CVE Published:; 21 November 2025

What is CVE-2025-48502?

The vulnerability in AMD uprof arises from improper input validation, allowing a local attacker to overwrite Model-Specific Register (MSR) registers. This flaw could lead to significant system instability, including potential crashes or denial of service. Users are advised to review their systems and apply relevant mitigation strategies to safeguard against this type of local threat.

Affected Version(s)

AMD μProf 5.0

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 21, 2025
Vulnerability Reserved
May 22, 2025

Credit

Reported through AMD Bug Bounty Program

JSON

Amd

What is CVE-2025-48502?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit