CyberSecurityBoard
Sponsor Register Login

AMD Ryzen DLL Hijacking Vulnerability Let Attackers Execute Arbitrary Code

Similar vulnerabilities have been reported in other AMD products, such as the AMD Integrated Management Technology (AIM-T) Manageability Service (CVE-2023-31361) and AMD μProf (CVE-2023-31348), highlighting the importance of secure library loading practices across software ecosystems. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. AMD has acknowledged the vulnerability and recommends users update their Ryzen Master Utility software to version 2.14.0.3205 or higher. The updated version includes necessary security patches that address the DLL hijacking issue by implementing stricter validation for dynamically loaded libraries. The AMD Ryzen™ Master Utility provides users with a user-friendly interface for overclocking processors, monitoring system performance, and adjusting system settings. AMD has credited security researchers from Pwni for identifying and responsibly disclosing this vulnerability under a coordinated disclosure process. Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. An attacker could place a malicious DLL in a directory that the Ryzen Master Utility accesses, tricking the application into loading it. With a CVSS score of 7.3, this vulnerability is considered to pose a serious security risk. This flaw creates an avenue for attackers to exploit the software by injecting malicious code into the system. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications. Once loaded, this DLL could execute arbitrary code with elevated privileges, potentially compromising system integrity and confidentiality.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 14 Feb 2025 07:55:20 +0000


Cyber News related to AMD Ryzen DLL Hijacking Vulnerability Let Attackers Execute Arbitrary Code

AMD Ryzen DLL Hijacking Vulnerability Let Attackers Execute Arbitrary Code - Similar vulnerabilities have been reported in other AMD products, such as the AMD Integrated Management Technology (AIM-T) Manageability Service (CVE-2023-31361) and AMD μProf (CVE-2023-31348), highlighting the importance of secure library loading ...
4 months ago Cybersecuritynews.com CVE-2023-31361 CVE-2023-31348
Attackers Can Bypass Windows Security Using New DLL Hijacking - Threat actors using the DLL Hijacking technique for persistence have been the order of the day and have been utilized in several attacks. This attack method allows bypassing the privilege requirement for executing certain malicious codes on the ...
1 year ago Cybersecuritynews.com
CVE-2005-2127 - Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for ...
6 years ago
Side-by-Side with HelloJackHunter: Unveiling the Mysteries of WinSxS - As we know, Dynamic-link library(DLL) Side loading / DLL Hijacking is nothing new, nor is Windows Side-by-Side; however, side loading is handy from an adversarial tradecraft perspective, be it for establishing initial access, persistence, privilege ...
1 year ago Blog.zsec.uk Equation
CVE-2025-4455 - A vulnerability was found in Patch My PC Home Updater up to 5.1.3.0. It has been rated as critical. This issue affects some unknown processing in the library ...
1 month ago
AMD CPU Signature Verification Vulnerability Let Attackers Load Malicious Microcode - However, the fact that Google’s researchers were able to successfully bypass AMD’s microcode signature verification highlights a potential weakness in the security architecture of modern processors that could have significant implications ...
2 months ago Cybersecuritynews.com CVE-2024-36347
New DLL Search Order Hijacking Technique Targets WinSxS Folder - A new DLL search order hijacking technique allows adversaries to load and execute malicious code in applications within Windows' WinSxS folder, incident response company Security Joes reports. Typically, DLL search order hijacking abuses applications ...
1 year ago Securityweek.com
CVE-2005-1990 - Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, ...
3 years ago
New DLL Search Order Hijacking Variant Evades Windows 10 and 11 Protections - Security researchers have outlined a fresh variant of a dynamic link library search order hijacking technique, potentially enabling threat actors to circumvent security measures and execute malicious code on computers running Microsoft Windows 10 and ...
1 year ago Cysecurity.news
Threat Actors Exploiting DLL Side-Loading Vulnerability in Google Chrome to Execute Malicious Payloads - Cybersecurity researchers have identified a concerning new attack vector where threat actors are actively exploiting a vulnerability in Google Chrome version 133.0.6943.126 through DLL side-loading techniques. This sophisticated attack allows ...
3 months ago Cybersecuritynews.com
CVE-2018-6765 - Swisscom MySwisscomAssistant 2.17.1.1065 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded. It allows an ...
5 years ago
Microsoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-day - Today is Microsoft's December 2023 Patch Tuesday, which includes security updates for a total of 34 flaws and one previously disclosed, unpatched vulnerability in AMD CPUs. While eight remote code execution bugs were fixed, Microsoft only rated three ...
1 year ago Bleepingcomputer.com CVE-2023-20588
CVE-2019-19083 - Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in ...
4 years ago
CVE-2018-8931 - The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1. ...
5 years ago
CVE-2018-8936 - The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor (PSP) privilege escalation. ...
5 years ago
CVE-2018-8930 - The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3. ...
4 years ago
Apple, AMD, Qualcomm, Imagination GPUs open to data theft The Register - A design flaw in GPU drivers made by Apple, Qualcomm, AMD, and likely Imagination can be exploited by miscreants on a shared system to snoop on fellow users. On a non-shared system, malware that manages to run on the box could abuse the weakness to ...
1 year ago Go.theregister.com Hunters
Hackers Employ DLL Side-Loading To Deliver Malicious Python Code - DLL side-loading exploits the Windows DLL search order mechanism, where attackers place malicious DLL files in locations where legitimate applications will load them instead of the intended legitimate libraries. The technique enables attackers to ...
3 months ago Cybersecuritynews.com
CVE-2018-6766 - Swisscom TVMediaHelper 1.1.0.50 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded. It allows an attacker to ...
5 years ago
CVE-2010-3129 - Untrusted search path vulnerability in uTorrent 2.0.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse plugin_dll.dll, userenv.dll, shfolder.dll, dnsapi.dll, ...
7 years ago
CVE-2014-8398 - Multiple untrusted search path vulnerabilities in Corel FastFlick allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) igfxcmrt32.dll, (2) ipl.dll, (3) MSPStyleLib.dll, (4) uFioUtil.dll, (5) ...
6 years ago
Linux 6.15-rc1 Released With Major Driver Update & Perfomance Boost - The release represents a substantial update, with approximately two-thirds of the patch series dedicated to driver enhancements, while the remaining portion addresses architecture updates, file systems, scheduling, memory management, and networking ...
2 months ago Cybersecuritynews.com
Fresh SLAM Attack Extracts Sensitive Data from AMD CPUs and Upcoming Intel Processors - Academic researchers have unveiled a novel side-channel attack named SLAM, designed to exploit hardware enhancements meant to bolster security in forthcoming CPUs from major manufacturers like Intel, AMD, and Arm. The attack aims to retrieve the root ...
1 year ago Cysecurity.news
CVE-2019-19082 - Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in ...
4 years ago
CVE-2024-36969 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)