目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

CVE-2025-48516— AMD DDR5模块AGESA固件不安全默认配置致拒绝服务漏洞

AI 预测 5.5 利用难度: 中等 EPSS 0.01% · P2

可能的 ATT&CK 技术 1AI

T1542.001 · System Firmware

影响版本矩阵 41

厂商产品版本范围状态
AMDAMD Athlon™ 3000 Series Desktop Processors with Radeon™ GraphicsNo fix plannedunaffected
AMDAMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsNo fix plannedunaffected
AMDAMD Ryzen™ 3000 Series Desktop ProcessorsNo fix plannedunaffected
No fix plannedunaffected
AMDAMD Ryzen™ 3000 Series Mobile Processors with Radeon™ GraphicsNo fix plannedunaffected
AMDAMD Ryzen™ 4000 Series Desktop ProcessorsNo fix plannedunaffected
AMDAMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsNo fix plannedunaffected
AMDAMD Ryzen™ 5000 Series Desktop ProcessorsNo fix plannedunaffected
No fix plannedunaffected
AMDAMD Ryzen™ 5000 Series Desktop Processors with Radeon™ GraphicsNo fix plannedunaffected
AMDAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsNo fix plannedunaffected
No fix plannedunaffected
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsNo fix plannedunaffected
AMDAMD Ryzen™ 7000 Series Desktop ProcessorsNo fix plannedunaffected
No fix plannedunaffected
No fix plannedunaffected
AMDAMD Ryzen™ 7020 Series Processors with Radeon™ GraphicsNo fix plannedunaffected
AMDAMD Ryzen™ 7030 Series Mobile Processors with Radeon™ GraphicsNo fix plannedunaffected
AMDAMD Ryzen™ 7035 Series Processors with Radeon™ GraphicsNo fix plannedunaffected
AMDAMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsNo fix plannedunaffected
AMDAMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsNo fix plannedunaffected
AMDAMD Ryzen™ 8000 Series Desktop ProcessorsNo fix plannedunaffected
No fix plannedunaffected
AMDAMD Ryzen™ 8040 Series Mobile Processors with Radeon™ GraphicsNo fix plannedunaffected
AMDAMD Ryzen™ 9000 Series Desktop ProcessorsNo fix plannedunaffected
AMDAMD Ryzen™ 9000HX Series ProcessorsNo fix plannedunaffected
AMDAMD Ryzen™ AI 300 Series ProcessorsNo fix plannedunaffected
AMDAMD Ryzen™ AI Max 300 Series ProcessorsNo fix plannedunaffected
AMDAMD Ryzen™ Threadripper™ 3000 ProcessorsNo fix plannedunaffected
AMDAMD Ryzen™ Threadripper™ 7000 ProcessorsShimadaPeakPI-SP6 1.0.0.1bunaffected
AMDAMD Ryzen™ Threadripper™ 9000 ProcessorsShimadaPeakPI-SP6 1.0.0.1bunaffected
AMDAMD Ryzen™ Threadripper™ PRO 3000 WX-Series ProcessorsNo fix plannedunaffected
No fix plannedunaffected
AMDAMD Ryzen™ Threadripper™ PRO 5000 WX-Series ProcessorsNo fix plannedunaffected
AMDAMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsNo fix plannedunaffected
ShimadaPeakPI-SP6 1.0.0.1bunaffected
AMDAMD Ryzen™ Threadripper™ PRO 9000 WX-Series ProcessorsShimadaPeakPI-SP6 1.0.0.1bunaffected
AMDAMD Ryzen™ Z1 Series ProcessorsNo fix plannedunaffected
AMDAMD Ryzen™ Z2 Series ProcessorsNo fix plannedunaffected
AMDAMD Ryzen™ Z2 Series Processors ExtremeNo fix plannedunaffected
AMDAMD Ryzen™ Z2 Series Processors GoNo fix plannedunaffected
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2025-48516 基础信息

漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotected PMIC interface to create a permanent denial of service condition or affect the integrity of the memory module.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
缺省权限不正确
来源: 美国国家漏洞数据库 NVD

受影响产品

厂商产品影响版本CPE订阅
AMDAMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics No fix planned -
AMDAMD Ryzen™ 7035 Series Processors with Radeon™ Graphics No fix planned -
AMDAMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics No fix planned -
AMDAMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics No fix planned -
AMDAMD Ryzen™ 7020 Series Processors with Radeon™ Graphics No fix planned -
AMDAMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics No fix planned -
AMDAMD Ryzen™ 7000 Series Desktop Processors No fix planned -
AMDAMD Ryzen™ 3000 Series Desktop Processors No fix planned -
AMDAMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors No fix planned -
AMDAMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics No fix planned -
AMDAMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors No fix planned -
AMDAMD Ryzen™ Threadripper™ 3000 Processors No fix planned -
AMDAMD Ryzen™ 9000HX Series Processors No fix planned -
AMDAMD Ryzen™ AI 300 Series Processors No fix planned -
AMDAMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics No fix planned -
AMDAMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors No fix planned -
AMDAMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors No fix planned -
AMDAMD Ryzen™ 7000 Series Desktop Processors No fix planned -
AMDAMD Ryzen™ 7000 Series Desktop Processors No fix planned -
AMDAMD Ryzen™ 8000 Series Desktop Processors No fix planned -
AMDAMD Ryzen™ 8000 Series Desktop Processors No fix planned -
AMDAMD Ryzen™ 9000 Series Desktop Processors No fix planned -
AMDAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics No fix planned -
AMDAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics No fix planned -
AMDAMD Ryzen™ 4000 Series Desktop Processors No fix planned -
AMDAMD Ryzen™ 5000 Series Desktop Processors No fix planned -
AMDAMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics No fix planned -
AMDAMD Ryzen™ 3000 Series Desktop Processors No fix planned -
AMDAMD Ryzen™ 5000 Series Desktop Processors No fix planned -
AMDAMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics No fix planned -
AMDAMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics No fix planned -
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ Graphics No fix planned -
AMDAMD Ryzen™ AI Max 300 Series Processors No fix planned -
AMDAMD Ryzen™ Z1 Series Processors No fix planned -
AMDAMD Ryzen™ Z2 Series Processors Extreme No fix planned -
AMDAMD Ryzen™ Z2 Series Processors No fix planned -
AMDAMD Ryzen™ Z2 Series Processors Go No fix planned -
AMDAMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors ShimadaPeakPI-SP6 1.0.0.1b -
AMDAMD Ryzen™ Threadripper™ 7000 Processors ShimadaPeakPI-SP6 1.0.0.1b -
AMDAMD Ryzen™ Threadripper™ 9000 Processors ShimadaPeakPI-SP6 1.0.0.1b -
AMDAMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors ShimadaPeakPI-SP6 1.0.0.1b -

二、漏洞 CVE-2025-48516 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2025-48516 的情报信息

登录查看更多情报信息。

同批安全公告 · AMD · 2026-05-15 · 共 39 条

CVE-2025-52540AMD PMF驱动越界写入致提权
CVE-2025-0040NXP JTAG-AXI访问控制漏洞
CVE-2024-21962AMD RAID驱动输入验证缺陷致提权与代码执行
CVE-2025-29935AMD PMF越界写入漏洞(影响代码执行)
CVE-2025-29944AMD Sensor Fusion Hub 驱动缓冲区溢出致系统崩溃
CVE-2025-29938AMD PMF 版本未指定:未检查返回值致任意代码执行
CVE-2025-29937AMD PMF越界读取漏洞
CVE-2025-0028AMD PMF框架越界读写漏洞
CVE-2025-29936AMD平台管理框架输入验证缺陷导致权限提升
CVE-2025-48513AMD PMF未初始化资源漏洞
CVE-2021-26380Trusted OS驱动内存越界致完整性丢失
CVE-2025-48520AMD平台管理框架驱动越界读取漏洞
CVE-2025-48519AMD PMF驱动越界读写致提权漏洞
CVE-2025-0045AMD Secure Processor驱动输入验证漏洞致拒绝服务
CVE-2026-0432AMD芯片组驱动权限错误致提权
CVE-2025-48521ASP PCI驱动Use-After-Free漏洞致平台完整性丧失
CVE-2025-48512AMD GPIO控制器权限配置错误致提权
CVE-2024-36345AMD OverDrive SMM模块越界读取漏洞
CVE-2026-0438SMM handler执行非SMM内存代码导致远程代码执行漏洞
CVE-2023-31309Power Management Firmware多版本信息泄露与可用性受损漏洞

显示前 20 条,共 39 条。 查看全部 → →

IV. Related Vulnerabilities

Same product: AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics
Same vendor: AMD
Same weakness: CWE-276

V. Comments for CVE-2025-48516

暂无评论

发表评论