PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-36333 Amd CVE debrief

CVE-2024-36333 is a high-severity DLL hijacking issue in AMD Cleanup Utility. According to the NVD record, a low-privilege local attacker with user interaction may be able to influence DLL loading and escalate privileges, potentially resulting in arbitrary code execution. NVD cites AMD’s security bulletin as the vendor remediation reference and lists AMD Cleanup Utility 25.20.00.00 among the affected products.

Vendor
Amd
Product
Radeon Software
CVSS
HIGH 7
CISA KEV
Not listed in stored evidence
Original CVE published
2026-05-15
Original CVE updated
2026-05-18
Advisory published
2026-05-15
Advisory updated
2026-05-18

Who should care

Endpoint and desktop administrators, AMD Cleanup Utility users, and teams managing AMD Radeon Software Pro deployments should review this issue. It is most relevant where the utility is installed on systems that standard users can run or where user-writable directories could influence DLL search order.

Technical summary

The vulnerability is classified as CWE-427 (Uncontrolled Search Path Element), consistent with DLL hijacking behavior. NVD’s CVSS v4.0 vector indicates a local attack (AV:L) with low privileges (PR:L), requires user interaction (UI:P), and can have high impacts to confidentiality, integrity, and availability. The NVD CPE data marks AMD Cleanup Utility 25.20.00.00 as vulnerable and also includes Radeon Software Pro product entries with version bounds ending before 25.q3.1 and 26.q1, so the exact affected build scope should be confirmed against AMD’s advisory.

Defensive priority

High priority for any endpoint running AMD Cleanup Utility or potentially affected Radeon Software Pro releases, especially systems where non-administrators can launch the software. Treat as a local privilege-escalation risk and prioritize remediation on shared or production workstations.

Recommended defensive actions

  • Review AMD Security Bulletin AMD-SB-6027 for the authoritative fixed-version guidance.
  • Update or remove AMD Cleanup Utility 25.20.00.00 and any impacted Radeon Software Pro versions identified by AMD.
  • Restrict write access to application and working directories so standard users cannot place or replace DLLs used by the utility.
  • Limit execution of the cleanup utility to trusted administrative workflows and avoid running it from user-writable paths.
  • Monitor for suspicious DLL loading behavior and unexpected elevated launches associated with AMD Cleanup Utility.
  • If immediate patching is not possible, reduce exposure by limiting who can execute the utility and by using standard endpoint hardening controls.

Evidence notes

This debrief is based only on the supplied NVD record and the linked AMD vendor advisory. The corpus shows CVE publication at 2026-05-15T05:16:32.630Z and modification at 2026-05-18T15:15:15.910Z. The NVD record is marked Analyzed, references AMD-SB-6027, and includes CWE-427 plus a CVSS v4.0 vector showing a local, low-privilege, user-interaction-dependent impact. Exact remediation versions should be verified in the AMD bulletin because the supplied corpus does not include the bulletin’s full fixed-version text.

Official resources

Publicly listed in the supplied NVD record on 2026-05-15 and updated on 2026-05-18. The AMD security bulletin referenced by NVD is the vendor’s remediation source.