CVE Catalog

CVE-2026-40677

HighCVSS 7.7
Published: Updated: Translated: NVD NIST

Summary

The use of insecure HTTP transport within AMD optional tools could allow an attacker to conduct a man-in-the-middle attack, potentially leading to arbitrary code execution.

Risk Assessment

The organization may be exposed to attacks that could lead to unauthorized access to systems and data, as well as the execution of malicious code.

Recommendation

It is recommended to use secure HTTPS transport in AMD optional tools and to monitor network traffic for potential attacks.

Original NVD description (English source)

The use of insecure HTTP transport within AMD optional tools could allow an attacker to conduct a man-in-the-middle attack, potentially leading to arbitrary code execution.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS