AMD APCB SMM Driver PrivEsc via Boot Service Exploit
CVE-2025-54502 Published on April 16, 2026
Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.
Weakness Type
Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
Affected Versions
- AMD EPYC™ 9004 Series Processors: Version GenoaPI_1.0.0.H is unaffected.
- Version MilanPI-SP3_1.0.0.J is unaffected.
- Version Rome-1.0.0.P is unaffected.
- Version ComboAM5PI 1.0.0.d is unaffected.
- Version TurinPI-SP5_1.0.0.9 is unaffected.
- Version MI300A 1.0.0.C is unaffected.
- Version MI300C 1.0.0.3 is unaffected.
- Version RenoirPI-FP6 1.0.0.Ed is unaffected.
- Version RembrandtPI-FP7_1.0.0.Bg is unaffected.
- Version PicassoPI-FP5_1.0.1.2e is unaffected.
- Version PhoenixPI-FP8-FP7_1.2.0.0f is unaffected.
- Version MendocinoPI-FT6_1.0.0.7g is unaffected.
- Version DragonRangeFL1PI 1.0.0.3k is unaffected.
- Version ComboAM4v2PI 1.2.0.10 is unaffected.
- Version ChagallWSPI-sWRX8 1.0.0.D is unaffected.
- Version CezannePI-FP6_1.0.1.1d is unaffected.
- Version CastlePeakWSPI-sWRX8 1.0.0.I is unaffected.
- Version FireRangeFL1PI 1.0.0.0d is unaffected.
- Version StrixKrackanPI-FP8_1.1.0.0e is unaffected.
- Version StormPeakPI-SP6 1.0.0.1m is unaffected.
- Version StormPeakPI-SP6_1.1.0.0k is unaffected.
- Version ComboAM5PI 1.1.0.3f is unaffected.
- Version ComboAM5PI 1.2.0.3h is unaffected.
- Version ComboAM4PI 1.0.0.10 is unaffected.
- Version StrixHaloPI-FP11_1.0.0.2a is unaffected.
- Version ShimadaPeakPI-SP6 1.0.0.1c is unaffected.
- Version StrixKrackanPI-FP8_1.1.0.2d is unaffected.
- Version ComboAM5PI 1.2.8.0 is unaffected.
- Version EmbMilanPI-SP3 1.0.0.D is unaffected.
- Version EmbGenoaPI-SP5 1.0.0.D is unaffected.
- Version EmbRomePI-SP3 1.0.0.F is unaffected.
- Version EmbeddedPI-FP5 1213 is unaffected.
- Version EmbeddedR2KPI-FP5 1008 is unaffected.
- Version EmbAM4PI 1.0.0.9 is unaffected.
- Version EmbeddedPI-FP6_1.0.0.D is unaffected.
- Version Embedded-PI_FP7r2 1012 is unaffected.
- Version EmbeddedAM5PI 1.0.0.5 is unaffected.
- Version EmbeddedPhoenixPI-FP7r2_1.0.0.4 is unaffected.
- Version EmbeddedAM5PI 1.0.0.7 is unaffected.
- Version EmbeddedTurinPI_SP5_1004 is unaffected.
Exploit Probability
EPSS: 0.02%
Percentile: 5.63%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.