Integer overflow in AMD Ryzen™ 4000 Series Desktop Processors
CVE-2025-48515
Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution.
Vulnerability class: Integer Overflow
EPSS: 0.001 (2.6th percentile)
Affected products
- AMD Ryzen™ 4000 Series Desktop Processors — versions RenoirPI-FP6_1.0.0.Ec
- AMD Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics — versions RenoirPI-FP6 1.0.0.Ed
- AMD Ryzen™ 5000 Series Desktop Processors With Radeon™ Graphics — versions ComboAM4v2PI_1.2.0.11
- AMD Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics — versions CezannePI-FP6_1.0.1.1c
- AMD Ryzen™ 7030 Series Mobile Processors With Radeon™ Graphics — versions CezannePI-FP6_1.0.1.1c
- AMD Ryzen™ Embedded V2000 Series Processors — versions EmbeddedPI-FP6_1.0.0.D