AMD Ryzen: Security vulnerabilities in AI software

AMD's newer processors have AI coprocessors, Ryzen AI. The software and drivers for these open up security gaps.

(Image: Erstellt mit KI in Bing Creator von heise online / dmk)

Apr 3, 2025 at 9:14 pm CEST

2 min. read

By

Dirk Knop

AMD is giving newer processors peripherals for accelerated computing for artificial intelligence, which the company calls Ryzen AI. The associated software and drivers have high-risk security vulnerabilities. Those affected should quickly install the updated software provided by AMD.

Read also

Ryzen AI Max: AMD competes against Apple's M4 Pro with a thick integrated GPU

AMD warned of the vulnerabilities in a security announcement on Wednesday. There are a total of four security vulnerabilities in the AI software. The most serious vulnerabilities can be found in AMD's NPU (Neural Processing Unit) driver. All three are integer overflows, which allows attackers to write outside intended memory limits and thus apparently execute malicious code – AMD only describes the impact of the vulnerability as "loss of confidentiality, integrity or availability" (CVE-2024-36336, CVE-2024-36337, CVSS 7.9, risk "high"; and CVE-2024-36328, CVSS 7.3, risk "high").

AMD: AI developers vulnerable

Developers who develop AI software with the Ryzen AI Software SDK are also susceptible to a vulnerability that allows attackers to extend their rights and execute arbitrary code. This is caused by incorrectly set default permissions in the installation path of the Ryzen AI software (CVE-2025-0014, CVSS 7.3, risk"high").

Updated software and drivers plug the security leaks. Updates for both components are available on AMD's Ryzen AI website. The latest NPU driver can be downloaded with an AMD account and by signing a license agreement.

Update installation at the command prompt — The installation of the driver update at the administrative prompt.

(Image: Screenshot / dmk)

The driver update can be installed after unpacking the archive and searching for the path at the administrative command prompt.

Driver version in the device manager — The driver version can be checked in the device manager.

(Image: Screenshot / dmk)

In the device manager, you can then check whether the current driver version has been installed and applied correctly. It should currently be from 12.03.2025 and be 32.0.203.257 or newer.

Developers can patch the vulnerability with the SDK Ryzen AI Software 1.4.0 or newer. The 3.4 GB installation package is also available for download after logging in with an AMD account and confirming a form. All those affected are advised to update as soon as possible to minimize the attack surface.