Severity Level: High
Title:
High-Severity Vulnerability in AMD Ryzen Master Utility
Vulnerability Details:
A high-severity vulnerability (CVE-2024-21966) has been identified in the AMD Ryzen Master Utility,
a popular tool used for overclocking and optimizing AMD Ryzen processors.
Vulnerability Details:
1. CVE-2024-21966 - CVSS Score: 7.3 (High)
• The AMD Ryzen Master Utility is susceptible to a DLL hijacking vulnerability, where
the application dynamically loads external DLLs without proper validation. An
attacker could exploit this by placing a malicious DLL in a directory that is searched by
the application during runtime.
• If successful, the attacker could escalate privileges and execute arbitrary code with
the same privileges as the AMD Ryzen Master Utility, potentially leading to full system
compromise.
• Affected Versions:
o AMD Ryzen Master Utility (All versions prior to 2.14.0.3205)
• Fixed Versions:
o AMD Ryzen Master Utility to version 2.14.0.3205 or higher.
Recommendations:
We recommended to update AMD Ryzen Master Utility to the fixed or latest versions released by AMD
References:
click here