Privilege Escalation Risk in AMD Zen 2-based Products
CVE-2025-54518

7.3HIGH

Key Information:

Vendor: Amd
Status: Amd Epyc™ 7002 Series Processors; Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics; Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics; Amd Ryzen™ 3000 Series Desktop Processors
Vendor: CVE Published:; 15 May 2026

What is CVE-2025-54518?

This vulnerability arises from inadequate isolation within the CPU operation cache of AMD Zen 2 processors. It may enable an attacker to manipulate the execution of instructions at varying privilege levels, leading to potential scenarios of unauthorized access or privilege escalation. Users of affected products should remain vigilant and apply necessary security measures as they become available.

Affected Version(s)

AMD EPYC™ 7002 Series Processors os kernel

AMD EPYC™ Embedded 7002 Series Processors OS kernel

AMD Ryzen Embedded V2000A Series Processors EmbeddedV2KAPI-FP6 1.0.0.A

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 15, 2026
Vulnerability Reserved
Jul 23, 2025

CVE-2025-54518 Data

JSON

Amd

What is CVE-2025-54518?

Affected Version(s)

References

CVSS V4

Timeline