VDB
CISA-2025-0032
CISA-2025-0032
PUBLISHED
CVSS 7.2 HIGH
Reported by AMD · Published September 6, 2025
Improper cleanup in AMD CPU microcode patch loading could allow an attacker with local administrator privilege to load malicious CPU microcode, potentially resulting in loss of integrity of x86 instruction execution.
Risk Scores
CVSS 3.1
7.2
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| AMD | AMD EPYC™ 9005 Series Processors | TurinPI 1.0.0.4 |
| AMD | AMD Ryzen™ AI 300 Series Processors | StrixKrackanPI-FP8_1.1.0.1b |
| AMD | AMD Ryzen™ 9000 Series Desktop Processors | ComboAM5PI 1.2.0.3c |
| AMD | AMD Ryzen™ 9000HX Series Processors | FireRangeFL1PI 1.0.0.0a |
| AMD | AMD Ryzen™ Al Max+ | StrixHaloPI-FP11_1.0.0.1 |
| AMD | AMD Ryzen™ Threadripper™ 9000 series | ShimadaPeakPI-SP6 1.0.0.1 |
| AMD | AMD EPYC™ Embedded 9000 Series Processors | Embturin PI 1.0.0.0 |
| AMD | AMD Ryzen™ AI 300 Series Processors | StrixKrackanPI-FP8_1.1.0.1b, StrixKrackanPI-FP8_1.1.0.1b |
| AMD | AMD Ryzen™ Threadripper™ 9000 series | ShimadaPeakPI-SP6 1.0.0.1, ShimadaPeakPI-SP6 1.0.0.1 |
| AMD | AMD Ryzen™ Al Max+ | StrixHaloPI-FP11_1.0.0.1, StrixHaloPI-FP11_1.0.0.1 |
| AMD | AMD EPYC™ Embedded 9000 Series Processors | *, Embturin PI 1.0.0.0 |
| AMD | AMD Ryzen™ 9000 Series Desktop Processors | ComboAM5PI 1.2.0.3c, ComboAM5PI 1.2.0.3c |
| AMD | AMD Ryzen™ 9000HX Series Processors | FireRangeFL1PI 1.0.0.0a, * |
| AMD | AMD EPYC™ 9005 Series Processors | TurinPI 1.0.0.4, * |
Timeline
- Sep 6, 2025 CVE Published
- Feb 26, 2026 CVE Updated