Privilege escalation in Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics

CVE-2025-62625

Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in unauthorized access to privileged resources and loss of confidentiality.

Vulnerability class: Privilege Escalation

EPSS: 0.001 (16.4th percentile) — read the EPSS interpretation.

Affected products

Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics — versions AMD Device Management Portal 3.0.0.895
Amd Device Management Portal (Admp) — versions 3.0.0.895
Amd Ryzen™ 3000 Series Desktop Processors — versions AMD Device Management Portal 3.0.0.895
Amd Ryzen™ 3000 Series Mobile Processors With Radeon™ Graphics — versions AMD Device Management Portal 3.0.0.895
Amd Ryzen™ 4000 Series Desktop Processors — versions AMD Device Management Portal 3.0.0.895
Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics — versions AMD Device Management Portal 3.0.0.895
Amd Ryzen™ 5000 Series Desktop Processors — versions AMD Device Management Portal 3.0.0.895
Amd Ryzen™ 5000 Series Desktop Processors With Radeon™ Graphics — versions AMD Device Management Portal 3.0.0.895
Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics — versions AMD Device Management Portal 3.0.0.895
Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics — versions AMD Device Management Portal 3.0.0.895

Weakness classification (CWE)

CWE-269 — Improper Privilege Management

References

psirt@amd.com