Cyber Resilience

CVE-2025-13952

Critical

Published: 24 January 2026

Published
24 January 2026
Modified
28 January 2026
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0042 33.2th percentile
Risk Priority 70 floored blend · peak EPSS

Summary

CVE-2025-13952 is a critical-severity Use After Free (CWE-416) vulnerability in Imaginationtech Ddk. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 33.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-16 (Memory Protection).

Deeper analysis

CVE-2025-13952 is a use-after-free vulnerability (CWE-416) in the GPU shader compiler library, where unusual GPU shader code from a web page loaded over the Internet into the GPU compiler process triggers a write to a freed memory object via an outdated pointer. This affects GPU drivers from Imagination Technologies, particularly on platforms where the compiler process runs with system privileges. The issue has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity with high impacts on confidentiality, integrity, and availability.

The vulnerability can be exploited remotely by any unauthenticated attacker with network access, requiring low complexity and no user interaction or privileges. Exploitation causes a crash in the GPU compiler process, and on affected platforms where the process holds system-level privileges, it could serve as a foothold for further device compromise, potentially enabling arbitrary code execution or escalation.

For mitigation details, refer to the vendor advisory at https://www.imaginationtech.com/gpu-driver-vulnerabilities/.

EU & UK References

Vulnerability details

A web page that contains unusual GPU shader code is loaded from the Internet into the GPU compiler process triggers a write use-after-free crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges…

more

this could enable further exploits on the device. The shader code contained in the web page executes a path in the compiler that held onto an out of date pointer, pointing to a freed memory object.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Use-after-free in privileged GPU shader compiler enables remote exploitation leading to arbitrary code execution and privilege escalation on affected platforms.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-10865Same product: Imaginationtech Ddk
CVE-2025-58411Same product: Imaginationtech Ddk
CVE-2026-22166Same product: Imaginationtech Ddk
CVE-2026-22165Same product: Imaginationtech Ddk
CVE-2026-22167Same product: Imaginationtech Ddk
CVE-2026-22163Same product: Imaginationtech Ddk
CVE-2026-21732Same product: Imaginationtech Ddk
CVE-2025-25176Same product: Imaginationtech Ddk
CVE-2026-31474Shared CWE-416
CVE-2025-47398Shared CWE-416

Affected Assets

imaginationtech
ddk
≤ 25.3

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly remediates the use-after-free flaw in the GPU shader compiler by requiring timely patching of the specific vulnerability.

prevent

Implements memory protection mechanisms such as ASLR, DEP, and bounds checking that directly mitigate use-after-free exploits in the GPU compiler process.

prevent

Enforces least privilege on the GPU compiler process to prevent system-level escalation even if the use-after-free vulnerability is exploited.

References