CVE-2025-52541
Published: 11 February 2026
Summary
CVE-2025-52541 is a high-severity Uncontrolled Search Path Element (CWE-427) vulnerability in Amd (inferred from references). Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique DLL Search Order Hijacking (T1038); ranked at the 0.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
Threat & Defense at a Glance
Threat & Defense Details
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
CVE directly describes DLL hijacking (CWE-427) enabling local privilege escalation and arbitrary code execution.
NVD Description
A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
Deeper analysisAI
CVE-2025-52541 is a DLL hijacking vulnerability (CWE-427) in Vivado that could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. The vulnerability carries a CVSS v3.1 base score of 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) and was published on 2026-02-11T15:16:15.403.
A local attacker with low privileges (PR:L) can exploit this vulnerability, which has low attack complexity (AC:L) but requires user interaction (UI:R). Successful exploitation enables privilege escalation and arbitrary code execution with high impacts on confidentiality, integrity, and availability.
AMD has published security bulletin AMD-SB-8013 with details on the vulnerability at https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-8013.html.
Details
- CWE(s)