CVE-2025-54519 PUBLISHED

Assigner: AMD
Reserved: 23.07.2025 Published: 12.02.2026 Updated: 12.02.2026

A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CVSS Score: 7.3

Attack Vector	Local	Scope	Unchanged
Attack Complexity	Low	Confidentiality Impact	High
Privileges Required	Low	Integrity Impact	High
User Interaction	Required	Availability Impact	High

CVSS 3.1

Product Status

Vendor	AMD
Product	Vivado™ Documentation Navigator Installation (Windows)
Versions	Default: affected Version No fix planned is affected

Credits

Reported through AMD Bug Bounty Program finder

References

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-8013.html

Problem Types

CWE-427 Uncontrolled Search Path Element CWE