CVE-2025-62619: Unauth KVM Key Endpoint Exposes Sensitive Keys (AMD)
CVE-2025-62619 Published on May 14, 2026

Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality.

NVD

Weakness Type

Missing Authentication for Critical Function

The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Affected Versions

AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 7000 Series Desktop Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 3000 Series Desktop Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ Threadripper™ 3000 Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 9000HX Series Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ AI 300 Series Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 7000 Series Desktop Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 7000 Series Desktop Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 8000 Series Desktop Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 8000 Series Desktop Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 9000 Series Desktop Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 4000 Series Desktop Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 5000 Series Desktop Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 3000 Series Desktop Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 5000 Series Desktop Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ AI Max 300 Series Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Not public:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors:

Version AMD Device Management Portal 3.0.0.895 is unaffected.

AMD Device Management Portal (ADMP):

Version 3.0.0.895 is unaffected.

Exploit Probability

EPSS

0.10%

Percentile

26.62%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2025-62619: Unauth KVM Key Endpoint Exposes Sensitive Keys (AMD)CVE-2025-62619 Published on May 14, 2026

Weakness Type

Missing Authentication for Critical Function

Affected Versions

Exploit Probability

CVE-2025-62619: Unauth KVM Key Endpoint Exposes Sensitive Keys (AMD)
CVE-2025-62619 Published on May 14, 2026