AMD Ryzen DLL Hijacking Vulnerability Let Attackers Execute Arbitrary Code

A high-severity security vulnerability, identified as CVE-2024-21966, has been discovered in the AMD Ryzen™ Master Utility, a software tool designed to optimize the performance of AMD Ryzen™ processors. 

The vulnerability, classified as DLL hijacking, could allow attackers to execute arbitrary code and escalate privileges on affected systems. 

With a CVSS score of 7.3, this vulnerability is considered to pose a serious security risk. 

The AMD Ryzen™ Master Utility provides users with a user-friendly interface for overclocking processors, monitoring system performance, and adjusting system settings.

However, researchers found that the software does not enforce proper checks to prevent the dynamic loading of malicious DLLs (Dynamic Link Libraries). 

This flaw creates an avenue for attackers to exploit the software by injecting malicious code into the system. An attacker could place a malicious DLL in a directory that the Ryzen Master Utility accesses, tricking the application into loading it. 

Once loaded, this DLL could execute arbitrary code with elevated privileges, potentially compromising system integrity and confidentiality.

AMD has credited security researchers from Pwni for identifying and responsibly disclosing this vulnerability under a coordinated disclosure process.

Impact and Affected Products

The primary impact of this vulnerability is arbitrary code execution, which could lead to:

• Unauthorized access to sensitive data.
• System compromise through privilege escalation.
• Potential disruption of system operations.

The vulnerability affects all versions of AMD Ryzen™ Master Utility prior to version 2.14.0.3205.

AMD has acknowledged the vulnerability and recommends users update their Ryzen Master Utility software to version 2.14.0.3205 or higher. 

The updated version includes necessary security patches that address the DLL hijacking issue by implementing stricter validation for dynamically loaded libraries.

To mitigate risks:

• Download and install the latest version of AMD Ryzen™ Master Utility from AMD’s official website.
• Avoid running applications from untrusted directories or sources.
• Regularly update all software and drivers to ensure they include the latest security patches.

Similar vulnerabilities have been reported in other AMD products, such as the AMD Integrated Management Technology (AIM-T) Manageability Service (CVE-2023-31361) and AMD μProf (CVE-2023-31348), highlighting the importance of secure library loading practices across software ecosystems.

Find this Story Interesting! Follow us on Google News, LinkedIn, and X to Get More Instant Updates