CVE-2025-52541 PUBLISHED

Assigner: AMD
Reserved: 17.06.2025 Published: 11.02.2026 Updated: 11.02.2026

A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CVSS Score: 7.3

Attack Vector	Local	Scope	Unchanged
Attack Complexity	Low	Confidentiality Impact	High
Privileges Required	Low	Integrity Impact	High
User Interaction	Required	Availability Impact	High

CVSS 3.1

Product Status

Vendor	AMD
Product	Vivado™ Installation (Windows)
Versions	Default: affected Version 2025.2 is unaffected

References

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-8013.html

Problem Types

CWE-427 Uncontrolled Search Path Element CWE