Man-in-the-Middle Vulnerability in AMD Optional Tools
CVE-2026-40677
7.7HIGH
Key Information:
- Vendor
Amd
- Vendor
- CVE Published:
- 12 June 2026
What is CVE-2026-40677?
A vulnerability exists in AMD's optional tools due to the use of insecure HTTP transport, enabling attackers to intercept communications. This opens the door for man-in-the-middle attacks, where an attacker could potentially inject or alter data and execute arbitrary code, posing significant security risks to users.
Affected Version(s)
AMD Management Console (AMC) 14.0.0
AMD Ryzen™ Master 2.14.3
AMD µProf 5.3