Vulnerability in Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics (Formerly Codenamed "Picasso")

CVE-2025-48512

Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.

EPSS: 0.000 (2.1th percentile) — read the EPSS interpretation.

Affected products

Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics (Formerly Codenamed "Picasso") — versions 7.04.09.545
Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics (Formerly Codenamed "Dali") — versions 7.04.09.545
Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics (Formerly Codenamed "Picasso") — versions 7.04.09.545
Amd Epyc™ 4004 Series Processors — versions AMD Chipset Driver 7.04.09.545
Amd Epyc™ 4005 Series Processors — versions AMD Chipset Driver 7.04.09.545
Amd Epyc™ 7001 Series Processors — versions AMD Server Software 8.03.14.329
Amd Epyc™ 7002 Series Processors — versions AMD Server Software 8.03.14.329
Amd Epyc™ 7003 Series Processors — versions AMD Server Software 8.03.14.329
Amd Epyc™ 8004 Series Processors — versions AMD Server Software 8.03.16.641
Amd Epyc™ 9004 Series Processors — versions AMD Server Software 8.03.16.641

Weakness classification (CWE)

CWE-276 — Incorrect Default Permissions

References