Cyber Posture

CVE-2025-48503

High

Published: 11 February 2026

Published
11 February 2026
Modified
15 April 2026
KEV Added
Patch
CVSS Score 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score 0.0001 0.6th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-48503 is a high-severity Uncontrolled Search Path Element (CWE-427) vulnerability in Amd (inferred from references). Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique DLL Side-Loading (T1574.002); ranked at the 0.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SI-7 (Software, Firmware, and Information Integrity).

Threat & Defense at a Glance

What attackers do: exploitation maps to DLL Side-Loading (T1574.002) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly remediates the DLL hijacking vulnerability in the AMD Software Installer by requiring identification, testing, and installation of vendor-provided patches from the AMD security bulletin.

SI-7 Software, Firmware, and Information Integrity good match
prevent

Enforces integrity verification mechanisms for software components, preventing the installer from loading hijacked malicious DLLs during execution.

AC-6 Least Privilege partial match
prevent

Limits the privileges available to the low-privilege local attacker and installation process, reducing the impact of successful privilege escalation via DLL hijacking.

MITRE ATT&CK Enterprise TechniquesAI

T1574.002 DLL Side-Loading Stealth
Adversaries may execute their own malicious payloads by side-loading DLLs.
attack.mitre.org →
T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
attack.mitre.org →
Why these techniques?

CVE directly describes DLL hijacking (CWE-427) in installer enabling local privilege escalation to arbitrary code execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.

Deeper analysisAI

CVE-2025-48503 is a DLL hijacking vulnerability (CWE-427) in the AMD Software Installer that could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. Published on 2026-02-11, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H), indicating high severity with local attack vector, high complexity, and low privilege requirements.

A local attacker with low privileges could exploit this vulnerability by hijacking a DLL during the installation process, requiring high attack complexity but no user interaction. Successful exploitation would change the scope to altered and grant high impacts on confidentiality, integrity, and availability, enabling arbitrary code execution with elevated privileges.

AMD has issued a product security bulletin providing details on the vulnerability and mitigation at https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html.

Details

CWE(s)
CWE-427

Affected Products

Amd
inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2024-55543Shared CWE-427
CVE-2025-54519Shared CWE-427
CVE-2025-0069Shared CWE-427
CVE-2026-25655Shared CWE-427
CVE-2024-55898Shared CWE-427
CVE-2024-55540Shared CWE-427
CVE-2025-57836Shared CWE-427
CVE-2025-69784Shared CWE-427
CVE-2025-21206Shared CWE-427
CVE-2024-9491Shared CWE-427

References