Integer overflow in Amd Ryzen™ 4000 Series Desktop Processors

CVE-2025-48515

Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution.

Vulnerability class: Integer Overflow

EPSS: 0.001 (2.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References