Improper Input Validation in AMD Platform Management Framework Driver
CVE-2025-52540

8.5 HIGH

What is CVE-2025-52540?

The AMD Platform Management Framework (PMF) Driver is susceptible to an improper input validation vulnerability. This flaw allows a local attacker to perform an out-of-bounds write, which may lead to privilege escalation. Proper security measures and timely updates are crucial to mitigate this risk and protect affected systems.

Affected Version(s)

AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt") 7.06.02.123

AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R") 7.06.02.123

AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix") 7.06.02.123

CVSS V4

Score: 8.5
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Reported through AMD Bug Bounty Program.