
AMD RCE Unfixed! Iran Deal, SCOTUS, & More
AMD RCE Unfixed! Iran Deal, SCOTUS, & More
Based on information from multiple sources, a security researcher discovered a critical Remote Code Execution (RCE) vulnerability in AMD's AutoUpdate software. The vulnerability stems from the software's use of HTTP for executable downloads, allowing for potential man-in-the-middle attacks to replace legitimate updates with malicious ones, which the software then executes without proper validation. Despite reporting the issue, AMD deemed it out of scope and did not consider it a vulnerability.
























