CVE-2025-48515

Published: Feb 10, 2026

Modified: Feb 10, 2026

PUBLISHED

Description

Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution.

Vendor	Product	Versions
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics	unaffected `RenoirPI-FP6 1.0.0.Ed`
AMD	AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics	unaffected `CezannePI-FP6_1.0.1.1c`
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics	unaffected `CezannePI-FP6_1.0.1.1c`
AMD	AMD Ryzen™ 4000 Series Desktop Processors	unaffected `RenoirPI-FP6_1.0.0.Ec`
AMD	AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics	unaffected `ComboAM4v2PI_1.2.0.11`
AMD	AMD Ryzen™ Embedded V2000 Series Processors	unaffected `EmbeddedPI-FP6_1.0.0.D`

Weaknesses (CWE)

CWE-190

References

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-48515

Description

Affected Products

Weaknesses (CWE)

References