CVE-2025-54502 AMD — Exploit & Vulnerability Details HIGH

Parameter	Value
CVSS	7.1 (HIGH)
Type	CWE-668 (Exposure of Resource to Wrong Sphere)
Vendor	AMD
Public PoC	No

Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.

Attack Parameters

Attack Vector

Local

Requires local access

Attack Complexity

High

Difficult to exploit

Attack Requirements

None

No additional conditions

Privileges Required

High

Admin privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

High

Complete data modification

Availability

High

Complete denial of service

CVSS Vector v4.0

Weakness Type (CWE)

CWE-668 Exposure of Resource to Wrong Sphere

References 1

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-7054.html

psirt@amd.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2025-54510

AMD

5.9

CVE-2025-54601

Samsung

7.0

CVE-2026-23435

AMD

None

CVE-2026-23264

AMD

None

CVE-2026-23213

Linux

5.5

Menu

CVE-2025-54502

Attack Parameters

Impact Assessment

CVSS Vector v4.0

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2025-54510

CVE-2025-54601

CVE-2026-23435

CVE-2026-23264

CVE-2026-23213

CVE Details

Editor's Choice

Menu

CVE-2025-54502

Attack Parameters

Impact Assessment

CVSS Vector v4.0

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2025-54510

CVE-2025-54601

CVE-2026-23435

CVE-2026-23264

CVE-2026-23213

CVE Details

Editor's Choice

Stay informed on cybersecurity