CVE-2025-0040
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-0040
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper access control between the Joint Test Action Group (JTAG) and Advanced Extensible Interface (AXI) could allow an attacker with physical access to read or overwrite the contents of cross-chip debug (XCD) registers potentially resulting in loss of data integrity or confidentiality.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
访问控制不恰当
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| AMD | AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics | PhoenixPI-FP8-FP7_1.2.0.B | - | |
| AMD | AMD Ryzen™ 8000 Series Desktop Processors | ComboAM5PI 1.2.0.3d | - | |
| AMD | AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics | PhoenixPI-FP8-FP7_1.2.0.B | - | |
| AMD | AMD Ryzen™ Embedded 8000 Series Processors | EmbeddedPhoenixPI-FP7r2_1.0.0.2 | - |
II. Public POCs for CVE-2025-0040
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-0040
请登录查看更多情报信息。
Same Patch Batch · AMD · 2026-05-15 · 39 CVEs total
| CVE-2025-52540 | AMD PMF驱动越界写入致提权 | |
| CVE-2021-26380 | Trusted OS驱动内存越界致完整性丢失 | |
| CVE-2024-21962 | AMD RAID驱动输入验证缺陷致提权与代码执行 | |
| CVE-2025-29935 | AMD PMF越界写入漏洞(影响代码执行) | |
| CVE-2025-29944 | AMD Sensor Fusion Hub 驱动缓冲区溢出致系统崩溃 | |
| CVE-2025-29938 | AMD PMF 版本未指定:未检查返回值致任意代码执行 | |
| CVE-2025-29937 | AMD PMF越界读取漏洞 | |
| CVE-2025-0028 | AMD PMF框架越界读写漏洞 | |
| CVE-2025-29936 | AMD平台管理框架输入验证缺陷导致权限提升 | |
| CVE-2025-48513 | AMD PMF未初始化资源漏洞 | |
| CVE-2022-23826 | Graphics TOCTOU漏洞可致完整性破坏 | |
| CVE-2025-48520 | AMD平台管理框架驱动越界读取漏洞 | |
| CVE-2025-48519 | AMD PMF驱动越界读写致提权漏洞 | |
| CVE-2025-0045 | AMD Secure Processor驱动输入验证漏洞致拒绝服务 | |
| CVE-2026-0432 | AMD芯片组驱动权限错误致提权 | |
| CVE-2025-48521 | ASP PCI驱动Use-After-Free漏洞致平台完整性丧失 | |
| CVE-2025-48512 | AMD GPIO控制器权限配置错误致提权 | |
| CVE-2024-36345 | AMD OverDrive SMM模块越界读取漏洞 | |
| CVE-2026-0438 | SMM handler执行非SMM内存代码导致远程代码执行漏洞 | |
| CVE-2023-31309 | Power Management Firmware多版本信息泄露与可用性受损漏洞 |
Showing top 20 of 39 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same weakness: CWE-284
- CVE-2026-45301
Open WebUI: Missing permission check in files API allows aut - CVE-2026-44556
Open WebUI: responses passthrough endpoint lacks access cont - CVE-2026-44774
Traefik: Gateway API TraefikService backend accepts rest@int - CVE-2026-44478
hoppscotch: Unauthenticated Onboarding Config Disclosure via - CVE-2026-44007
vm2: nesting: true bypasses require: false, allowing sandbox
V. Comments for CVE-2025-0040
No comments yet