Man-in-the-Middle Vulnerability in AMD Optional Tools
CVE-2026-40677

7.7HIGH

What is CVE-2026-40677?

A vulnerability exists in AMD's optional tools due to the use of insecure HTTP transport, enabling attackers to intercept communications. This opens the door for man-in-the-middle attacks, where an attacker could potentially inject or alter data and execute arbitrary code, posing significant security risks to users.

Affected Version(s)

AMD Management Console (AMC) 14.0.0

AMD Ryzen™ Master 2.14.3

AMD µProf 5.3

References

CVSS V4

Score:
7.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.