AMD PMF Driver OOB Write/PrivEsc via Improper Input Validation
CVE-2025-52540 Published on May 15, 2026

An improper input validation vulnerability within the AMD Platform Management Framework (PMF) Driver can allow a local attacker to write Out-of-Bounds, potentially resulting in privilege escalation.

NVD

Weakness Type

What is a Memory Corruption Vulnerability?

The software writes data past the end, or before the beginning, of the intended buffer. Typically, this can result in corruption of data, a crash, or code execution. The software may modify an index or perform pointer arithmetic that references a memory location that is outside of the boundaries of the buffer. A subsequent write operation then produces undefined or unexpected results.

CVE-2025-52540 has been classified to as a Memory Corruption vulnerability or weakness.

Affected Versions

AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R"):

Version 7.06.02.123 is unaffected.

AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix"):

Version 7.06.02.123 is unaffected.

AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point"):

Version 7.06.02.123 is unaffected.

AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt"):

Version 7.06.02.123 is unaffected.

AMD Ryzen™ Embedded 8000 Series Processors:

Version Graphics driver: version 25.6.1, branch: 25.10.13.01. - Chipset version: 7.06.02.123 is unaffected.

AMD PMF Driver OOB Write/PrivEsc via Improper Input ValidationCVE-2025-52540 Published on May 15, 2026

Weakness Type

What is a Memory Corruption Vulnerability?

Affected Versions

AMD PMF Driver OOB Write/PrivEsc via Improper Input Validation
CVE-2025-52540 Published on May 15, 2026