AMD Ryzen 4000
Moderate fix2 remedies
cpe:2.3:a:amd:ryzen:*:*:*:*:*:*:*, +2 more
Moderate fix2 remedies
- >= 1.2.0.CA, < 1.2.0.CA
- >= 1.0.0.D, < 1.0.0.D
AMD Secure Processor Power State Management Vulnerability Allowing Unauthorized VCN Firmware Modifications
Vulnerability
Patched
A vulnerability exists in the AMD Secure Processor (ASP) related to improper management of hardware configuration integrity during power save and restore operations. This flaw could enable an attacker with the capability to write outside the trusted memory range (TMR) to alter the execution flow of the Video Core Next (VCN) firmware. Such a modification could potentially disrupt the confidentiality, integrity, or availability of the system.
Impact
Exploitation of this vulnerability could lead to unauthorized changes in the execution of the VCN firmware, with possible negative effects on the system's confidentiality, integrity, or availability.
Remediation
Users are advised to update to the Platform Initialization (PI) firmware version 1.2.0.CA, which will be available through OEM channels.
Added: May 15, 2026, 3:34 AM
Updated: May 15, 2026, 3:34 AM
Vulnerability Rating
Custom Algorithm
spread
7.8impact
2.5exploitability
4.1remediation
7.7relevance
8.2threat
0.0urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.