PT-2026-41253 · Amd · Agesa Bootloader Firmware

Published

2026-05-15

·

Updated

2026-05-28

·

CVE-2025-48516

CVSS v4.0

6.9

Medium

VectorAV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions AGESA Bootloader Firmware (affected versions not specified)
Description An insecure default configuration state of the DDR5 memory module within the AGESA Bootloader Firmware allows a local user to abuse the unprotected PMIC (Power Management Integrated Circuit) interface. This could lead to a permanent denial of service condition or compromise the integrity of the memory module.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2025-48516

Affected Products

Agesa Bootloader Firmware