Vulnerability in Amd Radeon™ Rx 7000 Series Graphics Products

CVE-2024-36334

Improper verification of cryptographic signature in the Radeon RGB tool could allow a malicious file placed in the installation directory to be run with elevated privileges potentially leading to arbitrary code execution.

EPSS: 0.000 (0.6th percentile) — read the EPSS interpretation.

Affected products

Amd Radeon™ Rx 7000 Series Graphics Products — versions amd_rx_7900_xtx_rgb_led_20241008.exe “AMD Radeon RX 7900 XTX RGB Tool” available at https://www.amd.com/en/support/downloads/drivers.html/graphics/radeon-rx/radeon-rx-7000-series/amd-radeon-rx-7900-xtx.html

Weakness classification (CWE)

CWE-347 — Improper Verification of Cryptographic Signature

References

psirt@amd.com