Description
A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
Published: 2026-05-15
Score: 7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A DLL hijacking flaw in the AMD Cleanup Utility permits a malicious actor to supply a rogue dynamic library that the Utility will load in place of a legitimate one. The attacker can then execute the injected code with the credentials of the Utility’s process, which typically runs with elevated system privileges, thereby achieving privilege escalation that may lead to arbitrary code execution on the affected machine. This weakness corresponds to the DLL hijacking concept and involves improper validation of DLL loading paths.

Affected Systems

AMD products affected include the AMD Cleanup Utility as well as a wide range of Radeon GPUs across the VII, RX 5000/6000/7000, RX Vega, and PRO series cards. No specific version information is listed, so all installations that use the Utility at the time of the disclosure are considered potentially vulnerable.

Risk and Exploitability

The CVSS score for this issue is 7, indicating a high severity. EPSS score is 0.00011, indicating a very low likelihood of exploitation, and the vulnerability is not listed in CISA’s KEV catalog, suggesting no known widespread exploitation yet. The attack vector is inferred to be local, relying on an attacker who can place a malicious DLL in a location that the Utility searches first; remote exploitation would require an additional vulnerability or compromised administrative access.

Generated by OpenCVE AI on May 15, 2026 at 15:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the AMD Cleanup Utility to the latest version released by AMD
  • If the Utility is not required for system operation, uninstall or disable it
  • Restrict permissions on directories that the Utility scans for DLLs so it cannot load code from untrusted locations
  • Monitor system logs for unusual DLL load events or abrupt privilege escalation attempts

Generated by OpenCVE AI on May 15, 2026 at 15:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 18 May 2026 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Amd cleanup Utility
Amd radeon Pro W5500
Amd radeon Pro W5500x
Amd radeon Pro W5700
Amd radeon Pro W5700x
Amd radeon Pro W6300
Amd radeon Pro W6300m
Amd radeon Pro W6400
Amd radeon Pro W6500m
Amd radeon Pro W6600
Amd radeon Pro W6600m
Amd radeon Pro W6600x
Amd radeon Pro W6800
Amd radeon Pro W6800x
Amd radeon Pro W6800x Duo
Amd radeon Pro W6900x
Amd radeon Software
CPEs cpe:2.3:a:amd:cleanup_utility:25.20.00.00:*:*:*:*:*:*:*
cpe:2.3:a:amd:radeon_software:*:*:*:*:pro:*:*:*
cpe:2.3:h:amd:radeon_pro_vii:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w5500:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w5500x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w5700:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w5700x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6300:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6300m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6400:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6500m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6600:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6600m:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6600x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6800:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6800x:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6800x_duo:-:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_pro_w6900x:-:*:*:*:*:*:*:*
Vendors & Products Amd cleanup Utility
Amd radeon Pro W5500
Amd radeon Pro W5500x
Amd radeon Pro W5700
Amd radeon Pro W5700x
Amd radeon Pro W6300
Amd radeon Pro W6300m
Amd radeon Pro W6400
Amd radeon Pro W6500m
Amd radeon Pro W6600
Amd radeon Pro W6600m
Amd radeon Pro W6600x
Amd radeon Pro W6800
Amd radeon Pro W6800x
Amd radeon Pro W6800x Duo
Amd radeon Pro W6900x
Amd radeon Software
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Sun, 17 May 2026 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Amd
Amd amd Cleanup Utility
Amd radeon Pro Vii
Amd radeon Pro W5000 Series
Amd radeon Pro W6000 Series
Amd radeon Pro W7000 Series
Amd radeon Pro Wx 8000 Series
Amd radeon Pro Wx 9000 Series
Amd radeon Rx 5000 Series
Amd radeon Rx 6000 Series
Amd radeon Rx 7000 Series
Amd radeon Rx Vega Series
Amd radeon Vii
Vendors & Products Amd
Amd amd Cleanup Utility
Amd radeon Pro Vii
Amd radeon Pro W5000 Series
Amd radeon Pro W6000 Series
Amd radeon Pro W7000 Series
Amd radeon Pro Wx 8000 Series
Amd radeon Pro Wx 9000 Series
Amd radeon Rx 5000 Series
Amd radeon Rx 6000 Series
Amd radeon Rx 7000 Series
Amd radeon Rx Vega Series
Amd radeon Vii

Fri, 15 May 2026 16:15:00 +0000

Type Values Removed Values Added
Title Privilege Escalation via DLL Hijacking in AMD Cleanup Utility

Fri, 15 May 2026 14:15:00 +0000

Type Values Removed Values Added
Title DLL Hijacking in AMD Cleanup Utility Enables Privilege Escalation
Weaknesses CWE-444

Fri, 15 May 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-427
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 15 May 2026 05:45:00 +0000

Type Values Removed Values Added
Title DLL Hijacking in AMD Cleanup Utility Enables Privilege Escalation
Weaknesses CWE-444

Fri, 15 May 2026 04:30:00 +0000

Type Values Removed Values Added
Description A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
References
Metrics cvssV4_0

{'score': 7, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Amd Amd Cleanup Utility Cleanup Utility Radeon Pro Vii Radeon Pro W5000 Series Radeon Pro W5500 Radeon Pro W5500x Radeon Pro W5700 Radeon Pro W5700x Radeon Pro W6000 Series Radeon Pro W6300 Radeon Pro W6300m Radeon Pro W6400 Radeon Pro W6500m Radeon Pro W6600 Radeon Pro W6600m Radeon Pro W6600x Radeon Pro W6800 Radeon Pro W6800x Radeon Pro W6800x Duo Radeon Pro W6900x Radeon Pro W7000 Series Radeon Pro Wx 8000 Series Radeon Pro Wx 9000 Series Radeon Rx 5000 Series Radeon Rx 6000 Series Radeon Rx 7000 Series Radeon Rx Vega Series Radeon Software Radeon Vii
cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published:

Updated: 2026-05-16T03:56:12.910Z

Reserved: 2024-05-23T19:44:44.387Z

Link: CVE-2024-36333

cve-icon Vulnrichment

Updated: 2026-05-15T11:15:37.673Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-15T05:16:32.630

Modified: 2026-05-18T15:15:15.910

Link: CVE-2024-36333

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-17T19:41:24Z

Weaknesses
  • CWE-427

    Uncontrolled Search Path Element