{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-36319","assignerOrgId":"b58fc414-a1e4-4f92-9d70-1add41838648","state":"PUBLISHED","assignerShortName":"AMD","dateReserved":"2024-05-23T19:44:40.300Z","datePublished":"2026-02-12T17:41:06.194Z","dateUpdated":"2026-02-26T14:44:20.866Z"},"containers":{"cna":{"providerMetadata":{"orgId":"b58fc414-a1e4-4f92-9d70-1add41838648","shortName":"AMD","dateUpdated":"2026-02-12T17:41:06.194Z"},"affected":[{"defaultStatus":"affected","vendor":"AMD","product":"AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics;\r\nAMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics","versions":[{"version":"AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Ryzen™ AI MAX Series Processors","versions":[{"version":"AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Ryzen™ AI 300 Series Processors","versions":[{"version":"AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Ryzen™ 8000 Series Desktop Processors","versions":[{"version":"AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Ryzen™ Embedded 8000 Series Processors","versions":[{"version":"Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Ryzen™ Embedded 7000 Series Processors","versions":[{"version":"Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Ryzen™ Embedded 9000 Series Processors","versions":[{"version":"Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Radeon™ RX 7000 Series Graphics Products","versions":[{"version":"25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2(25.10.10), Radeon Software For Linux 25.10.1","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Radeon™ PRO W7000 Series Graphics Products","versions":[{"version":"25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2(25.10.10), Radeon Software For Linux 25.10.1","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Instinct™ MI300X","versions":[{"version":"ROCm 6.2.4","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Instinct™ MI300A","versions":[{"version":"ROCm 6.2.4","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Instinct™ MI308X","versions":[{"version":"ROCm 6.2.4","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Instinct™ MI325X","versions":[{"version":"ROCm 6.2.4","status":"unaffected"}]},{"defaultStatus":"affected","vendor":"AMD","product":"AMD Radeon™ PRO V710","versions":[{"version":"Contact your AMD Customer Engineering representative","status":"unaffected"}]}],"datePublic":"2026-02-12T17:40:51.607Z","descriptions":[{"lang":"en","value":"Debug code left active in AMD's Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system.","supportingMedia":[{"base64":false,"type":"text/html","value":"Debug code left active in AMD's Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system.<br>"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-1191","description":"CWE-1191  On-Chip Debug and Test Interface With Improper Access Control","lang":"en","type":"CWE"}]}],"references":[{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"AMD PSIRT Automation 1.0"},"metrics":[{"cvssV4_0":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","baseScore":6.3,"baseSeverity":"MEDIUM"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-36319","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2026-02-13T04:56:40.296265Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-26T14:44:20.866Z"}}]}}