Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-66664
PUBLISHED
More InfoOfficial Page
Assigner-AMD
Assigner Org ID-b58fc414-a1e4-4f92-9d70-1add41838648
View Known Exploited Vulnerability (KEV) details
Published At-15 May, 2026 | 02:41
Updated At-15 May, 2026 | 16:31
Rejected At-
▼CVE Numbering Authority (CNA)

Insufficient parameter sanitization in AMD Secure Processor (ASP) TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_LOAD_GFX_IP_FW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception

Affected Products
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Radeon™ RX 6000 Series Graphics Products
Default Status
affected
Versions
Unaffected
  • AMD Software: Adrenalin Edition 25.12.1 (25.10.37.01)
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Radeon™ RX 7000 Series Graphics Products
Default Status
affected
Versions
Unaffected
  • AMD Software: Adrenalin Edition 25.11.1 (25.20.29.01)
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Radeon™ PRO W6000 Series Graphics Products
Default Status
affected
Versions
Unaffected
  • AMD Software: PRO Edition 25.Q4 (25.10.37.01)
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Radeon™ PRO W7000 Series Graphics Products
Default Status
affected
Versions
Unaffected
  • AMD Software: PRO Edition 25.Q3.1 (25.10.32)
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Instinct™ MI250
Default Status
affected
Versions
Unaffected
  • ROCm 7.0
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Instinct™ MI210
Default Status
affected
Versions
Unaffected
  • ROCm 7.0
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Instinct™ MI300X
Default Status
affected
Versions
Unaffected
  • ROCm 6.3.1
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Instinct™ MI325X
Default Status
affected
Versions
Unaffected
  • ROCm 6.3.1
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Instinct™ MI308X
Default Status
affected
Versions
Unaffected
  • ROCm 6.4.2
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Instinct™ MI300A
Default Status
affected
Versions
Unaffected
  • BKC 26 (ROCm 7.0.1)
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Radeon™ PRO V520
Default Status
affected
Versions
Unaffected
  • Contact your AMD Customer Engineering representative
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Radeon™ PRO V620
Default Status
affected
Versions
Unaffected
  • Contact your AMD Customer Engineering representative
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Radeon™ PRO V710
Default Status
affected
Versions
Unaffected
  • Contact your AMD Customer Engineering representative
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125 Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125 Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
4.04.6MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
Version: 4.0
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html
N/A
Hyperlink: https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found