Overview
A high-severity security vulnerability, identified as CVE-2024-21922, has been discovered in AMD StoreMI™. This vulnerability is a DLL hijacking issue that could allow a local attacker to escalate privileges, potentially leading to arbitrary code execution on the affected system. This could have serious implications for system security and data integrity.
This vulnerability was published on 2025-11-23T17:15:46.817 and is strongly advised that users take immediate action to mitigate this risk.
Technical Details
CVE-2024-21922 is a DLL hijacking vulnerability. This means that a malicious actor could place a specially crafted DLL file in a location where AMD StoreMI™ will load it instead of the legitimate DLL. When StoreMI™ loads the malicious DLL, the attacker’s code is executed with the same privileges as the StoreMI™ process. Because StoreMI™ often runs with elevated privileges, this allows the attacker to escalate their own privileges on the system.
The exact mechanism by which the DLL is hijacked may vary, but it often involves exploiting weaknesses in how StoreMI™ searches for and loads DLL files. This might include insecure search paths or reliance on user-controlled locations.
CVSS Analysis
The Common Vulnerability Scoring System (CVSS) v3.1 score for CVE-2024-21922 is 7.3 (High).
This score reflects the following characteristics:
- Attack Vector (AV): Local (L) – The attacker needs local access to the system.
- Attack Complexity (AC): Low (L) – The attack is relatively easy to perform.
- Privileges Required (PR): None (N) – No privileges are required to perform the attack (likely due to the hijacking leading to privilege escalation).
- User Interaction (UI): Required (R) – User interaction may be required to trigger the vulnerable process.
- Scope (S): Changed (C) – A successful attack can affect resources beyond the attacker’s control.
- Confidentiality Impact (C): High (H) – There is a significant impact on confidentiality.
- Integrity Impact (I): High (H) – There is a significant impact on integrity.
- Availability Impact (A): High (H) – There is a significant impact on availability.
The high CVSS score highlights the significant risk associated with this vulnerability.
Possible Impact
Successful exploitation of CVE-2024-21922 can have severe consequences, including:
- Privilege Escalation: An attacker can gain elevated privileges on the system, allowing them to perform actions they would otherwise be restricted from.
- Arbitrary Code Execution: The attacker can execute arbitrary code with the privileges of the StoreMI™ process, potentially leading to complete system compromise.
- Data Theft: Sensitive data can be accessed and stolen.
- Malware Installation: Malware can be installed on the system.
- System Instability: The system may become unstable or crash.
Mitigation and Patch Steps
AMD has released a security bulletin addressing this vulnerability. Users of AMD StoreMI™ are strongly advised to take the following steps:
- Apply the Patch: Download and install the latest version of AMD StoreMI™ that contains the fix for CVE-2024-21922. Check the AMD security bulletin for the appropriate version.
- Verify Installation: After applying the patch, verify that the updated version of StoreMI™ is correctly installed.
- Monitor Systems: Continue to monitor systems for any signs of compromise.
It’s also generally recommended to practice good security hygiene, such as running anti-virus software and being cautious about opening untrusted files or clicking on suspicious links.
