CVE-2025-52541
Published: 11 February 2026
Summary
CVE-2025-52541 is a high-severity Uncontrolled Search Path Element (CWE-427) vulnerability in Amd (inferred from references). Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique DLL (T1574.001); ranked at the 4.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-3 (Malicious Code Protection) and SI-7 (Software, Firmware, and Information Integrity).
Deeper analysis
CVE-2025-52541 is a DLL hijacking vulnerability (CWE-427) in Vivado that could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. The vulnerability carries a CVSS v3.1 base score of 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) and was published on 2026-02-11T15:16:15.403.
A local attacker with low privileges (PR:L) can exploit this vulnerability, which has low attack complexity (AC:L) but requires user interaction (UI:R). Successful exploitation enables privilege escalation and arbitrary code execution with high impacts on confidentiality, integrity, and availability.
AMD has published security bulletin AMD-SB-8013 with details on the vulnerability at https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-8013.html.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-207008
Vulnerability details
A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
CVE directly describes DLL hijacking (CWE-427) enabling local privilege escalation and arbitrary code execution.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Enforces cryptographic or digital-signature verification of DLLs before loading, directly blocking the malicious replacement that enables the hijack in Vivado.
Malicious-code detection mechanisms can identify and block unauthorized DLLs placed in Vivado's search path before they execute.
Least-privilege execution of Vivado limits the scope of privilege escalation that a successful DLL hijack can achieve.