CVE-2024-36333

EPSS 0.01%
Veröffentlicht 15.05.2026 02:58:47
Zuletzt bearbeitet 15.05.2026 14:10:17
Quelle psirt@amd.com
CVE-Watchlists
Login
Unerledigt
Login

A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

CNA 11 VulnDex Vulnerability Enrichment 2

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerAMD

≫

Produkt AMD Radeon™ RX 5000 Series Graphics Products

Default Statusaffected

Version AMD Software: Adrenalin Edition 25.10.2 (25.20.21.01 RDNA3+, 25.10.33.02 RDNA1/RDNA2)

Status unaffected

HerstellerAMD

≫

Produkt AMD Radeon™ PRO W5000 Series Graphics Products

Default Statusaffected

Version AMD Software: PRO Edition 25.Q3.1 (25.10.32 RDNA)

Status unaffected

HerstellerAMD

≫

Produkt AMD Radeon™ RX 6000 Series Graphics Products

Default Statusaffected

Version AMD Software: Adrenalin Edition 25.10.2 (25.20.21.01 RDNA3+, 25.10.33.02 RDNA1/RDNA2)

Status unaffected

HerstellerAMD

≫

Produkt AMD Radeon™ RX 7000 Series Graphics Products

Default Statusaffected

Version AMD Software: Adrenalin Edition 25.10.2 (25.20.21.01 RDNA3+, 25.10.33.02 RDNA1/RDNA2)

Status unaffected

HerstellerAMD

≫

Produkt AMD Cleanup Utility

Default Statusaffected

Version https://www.amd.com/en/resources/support-articles/faqs/GPU-601.html

Status unaffected

HerstellerAMD

≫

Produkt AMD Radeon™ PRO W6000 Series Graphics Products

Default Statusaffected

Version AMD Software: PRO Edition 25.Q3.1 (25.10.32 RDNA)

Status unaffected

HerstellerAMD

≫

Produkt AMD Radeon™ PRO W7000 Series Graphics Products

Default Statusaffected

Version AMD Software: PRO Edition 25.Q3.1 (25.10.32 RDNA)

Status unaffected

HerstellerAMD

≫

Produkt AMD Radeon™ RX Vega Series Graphics Cards

Default Statusaffected

Version AMD Software: Adrenalin Edition 26.1.1 (23.19.24)

Status unaffected

HerstellerAMD

≫

Produkt AMD Radeon™ VII

Default Statusaffected

Version AMD Software: Adrenalin Edition 26.1.1 (23.19.24)

Status unaffected

HerstellerAMD

≫

Produkt AMD Radeon™ PRO WX 8000/9000 Series Graphics Cards

Default Statusaffected

Version AMD Software: PRO Edition 26.Q1 (23.19.24)

Status unaffected

HerstellerAMD

≫

Produkt AMD Radeon™ PRO VII

Default Statusaffected

Version AMD Software: PRO Edition 26.Q1 (23.19.24)

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.015

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
psirt@amd.com	7	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-427 Uncontrolled Search Path Element

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html

https://nvd.nist.gov/vuln/detail/CVE-2024-36333

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-36333

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-36333

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-36333