Primary

Context

AMD µProf Privilege Escalation Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Patched

A vulnerability in the AMD µProf performance analysis tool-suite, specifically within the AMDPowerProfiler.sys driver, has been identified. This issue arises from incorrect permission assignments that may enable a local user-privileged attacker to escalate privileges, potentially leading to arbitrary code execution. The vulnerability is caused by the driver's failure to properly validate user access when handling IOCTL requests, which could allow unprivileged users to manipulate files in ways that could be exploited.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation, allowing a local user to execute arbitrary code with elevated rights.

Remediation

Users are advised to update to AMD µProf version 5.2.431 or higher, released on December 11, 2025.

Added: Feb 11, 2026, 3:43 PM

Updated: Feb 11, 2026, 3:43 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

10.0

exploitability

2.7

remediation

7.7

relevance

3.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

10.0

exploitability

2.7

remediation

7.7

relevance

3.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AMD µProf Privilege Escalation Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

AMD µProf

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating