CVE-2025-62619_CVE-2025-62619

6.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Description

Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality.

Basic Information

ID CVE-2025-62619

Source AMD

Published May 14, 2026 at 14:32

Modified May 14, 2026 at 15:35

Affected Product

Vendor AMD

Product AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics

Version AMD Device Management Portal 3.0.0.895

CWE Classification

CWE-306

References

www.amd.com /en/resources/product-security/bulletin/AMD-SB-9023.html

{
    "lastseen": "",
    "description": "Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality.",
    "published": "2026-05-14T14:32:10.195Z",
    "modified": "2026-05-14T15:35:55.110Z",
    "type": "cve",
    "title": "CVE-2025-62619",
    "source": "AMD",
    "references": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-9023.html",
    "id": "CVE-2025-62619",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306"
    ],
    "cvelist": null,
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 6.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
    "version": "AMD Device Management Portal 3.0.0.895",
    "vendor": "AMD",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}