Primary

Context

AMD Power Management Firmware Array Index Validation Vulnerability Allowing Memory Corruption

Vulnerability

A vulnerability exists in the AMD Power Management Firmware due to improper validation of an array index. This issue could enable a privileged attacker to corrupt AGESA memory, potentially leading to a loss of integrity.

Impact

Exploitation of this vulnerability could allow a privileged attacker to corrupt AGESA memory, causing a loss of integrity.

Remediation

Users are advised to update to the Platform Initialization (PI) firmware version 1.0.1.2, released on August 6, 2024. Please contact your Original Equipment Manufacturer (OEM) for the specific BIOS update for your product.

Added: Sep 6, 2025, 6:42 PM

Updated: Sep 6, 2025, 6:42 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

2.8

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

2.8

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AMD Power Management Firmware Array Index Validation Vulnerability Allowing Memory Corruption

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating