VYPR

μProf

by AMD

CVEs (16)

  • CVE-2021-26334CriDec 1, 2021
    risk 0.64cvss 9.9epss 0.01

    The AMDPowerProfiler.sys driver of AMD μProf tool may allow lower privileged users to access MSRs in kernel which may lead to privilege escalation and ring-0 code execution by the lower privileged user.

  • CVE-2023-20562HigAug 8, 2023
    risk 0.51cvss 7.8epss 0.01

    Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.

  • CVE-2022-27674HigNov 9, 2022
    risk 0.49cvss 7.5epss 0.01

    Insufficient validation in the IOCTL input/output buffer in AMD μProf may allow an attacker to bypass bounds checks potentially leading to a Windows kernel crash resulting in denial of service.

  • CVE-2022-23831HigNov 9, 2022
    risk 0.49cvss 7.5epss 0.01

    Insufficient validation of the IOCTL input buffer in AMD μProf may allow an attacker to send an arbitrary buffer leading to a potential Windows kernel crash resulting in denial of service.

  • CVE-2025-61969HigFeb 11, 2026
    risk 0.46cvss epss 0.00

    Incorrect permission assignment in AMD µProf may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

  • CVE-2023-20561MedAug 8, 2023
    risk 0.36cvss 5.5epss 0.00

    Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary address potentially resulting in a Windows crash leading to denial of service.

  • CVE-2023-20556MedAug 8, 2023
    risk 0.36cvss 5.5epss 0.00

    Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service.

  • CVE-2025-29933Nov 24, 2025
    risk 0.00cvss epss 0.00

    Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potentially resulting in a crash or denial of service

  • CVE-2025-48511Nov 24, 2025
    risk 0.00cvss epss 0.00

    Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service.

  • CVE-2025-48510Nov 24, 2025
    risk 0.00cvss epss 0.00

    Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confidentiality or availability.

  • CVE-2025-48502Nov 21, 2025
    risk 0.00cvss epss 0.00

    Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service.

  • CVE-2024-36340May 13, 2025
    risk 0.00cvss epss 0.00

    A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points, potentially resulting in arbitrary file deletion or disclosure.

  • CVE-2023-31366Aug 13, 2024
    risk 0.00cvss epss 0.00

    Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service.

  • CVE-2023-31349Aug 13, 2024
    risk 0.00cvss epss 0.00

    Incorrect default permissions in the AMD μProf installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

  • CVE-2023-31348Aug 13, 2024
    risk 0.00cvss epss 0.00

    A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

  • CVE-2023-31341Aug 13, 2024
    risk 0.00cvss epss 0.00

    Insufficient validation of the Input Output Control (IOCTL) input buffer in AMD μProf may allow an authenticated attacker to cause an out-of-bounds write, potentially causing a Windows® OS crash, resulting in denial of service.