MEDIUM🇬🇧 English

CVE-2024-36340

CVSS 6.6v3.1pub. 2025-05-13upd. 2025-11-26

A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points, potentially resulting in arbitrary file deletion or disclosure.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
  • Amd Uprof

    APP
    Amd
    < 5.0.1174< 5.0.1223< 5.0.1479
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2025-48510HIGH7.1ten sam produkt

Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in los...

CVE-2023-31348HIGH7.3ten sam produkt

A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege escalation, potentiall...

CVE-2023-31349HIGH7.3ten sam produkt

Incorrect default permissions in the AMD μProf installation directory could allow an attacker to achieve privi...

CVE-2023-31341HIGH7.3ten sam produkt

Insufficient validation of the Input Output Control (IOCTL) input buffer in AMD μProf may allow an authenticat...

CVE-2026-28237MEDIUM6.8ten sam produkt

Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potent...