Home · Briefs · CTI Daily Brief — 2026-05-16
AMD-SB-7052 / CVE-2025-54518 — AMD Zen 2 µop-cache corruption / SoC isolation failure: local privilege escalation (CVSS 7.3), microcode mitigation in May 2026 Windows update and Xen XSA-490
From CTI Daily Brief — 2026-05-16 · published 2026-05-16
AMD disclosed AMD-SB-7052 (CVE-2025-54518, CVSS 7.3 on the CVSS 4.0 scale, CWE-1189 Improper Isolation of Shared Resources on System-on-Chip) affecting Zen 2-based processor models on 2026-05-12, with NCSC-NL flagging the advisory on 2026-05-15 (AMD Product Security, 2026-05-12 · NCSC-NL NCSC-2026-0158, 2026-05-15). The flaw allows a local attacker with code execution on the target system to corrupt the CPU operation (µop) cache and thereby cause instructions to execute at a higher privilege level than intended, enabling local privilege escalation and, in virtualisation contexts, potential degradation of hypervisor-level isolation. Mitigation is delivered as microcode integrated into the May 2026 Microsoft Windows cumulative update (the same window as the previously-covered CVE-2026-41089 / 41096 Patch Tuesday set); Fedora has issued separate kernel + microcode updates (advisory IDs per NCSC-NL CSAF references) and Xen has published XSA-490 for bare-metal hypervisor operators. Lenovo has published a product-security advisory covering affected ThinkPad / ThinkStation / Workstation models for BIOS / UEFI guidance. Attack class: T1068 Exploitation for Privilege Escalation, with elevated relevance in confidential-compute and multi-tenant virtualisation contexts (VDI estates, cloud-hosted VMs on Zen 2 hosts, shared university compute clusters). No in-the-wild exploitation confirmed. Detection / verification: confirm the May 2026 Windows CU includes the AMD microcode revision via the relevant KB and wmic cpu get name, dataWidth, processorId; for Linux hypervisors apply distro kernel + microcode updates and reboot; for Xen apply XSA-490; for Lenovo hardware check BIOS / UEFI update guidance per LEN-216977. The local-only attack vector limits external risk; the priority is multi-tenant and virtualisation contexts where guest-to-hypervisor or container-to-host isolation is part of the security boundary.
CVE Summary Table
| CVE | Product | CVSS | EPSS | KEV | Exploited | Patch | Source |
|---|---|---|---|---|---|---|---|
| CVE-2026-42897 | Microsoft Exchange Server 2016 / 2019 / SE — OWA | 8.1 (v3.1) | n/a | Yes (added 2026-05-15) | Yes — Microsoft confirmed | No permanent patch; EEMS Mitigation M2 (auto / EOMT manual) | Microsoft MSRC |
| CVE-2026-44112 | OpenClaw / Clawdbot — OpenShell sandbox (TOCTOU write escape) | 9.6 (Critical) | n/a | No | No | OpenClaw 2026-04-23 release (GHSA-5h3g-6xhh-rg6p) | Cyera Research |
| CVE-2026-44115 | OpenClaw / Clawdbot — command-parser allowlist bypass | 8.8 (High) | n/a | No | No | OpenClaw 2026-04-23 release (GHSA-wppj-c6mr-83jj) | Cyera Research |
| CVE-2026-44118 | OpenClaw / Clawdbot — MCP loopback senderIsOwner trust |
7.8 (High) | n/a | No | No | OpenClaw 2026-04-23 release (GHSA-r6xh-pqhr-v4xh) | Cyera Research |
| CVE-2026-44113 | OpenClaw / Clawdbot — TOCTOU read escape (file disclosure) | 7.7 (High) | n/a | No | No | OpenClaw 2026-04-23 release (GHSA-x3h8-jrgh-p8jx) | Cyera Research |
| CVE-2025-54518 (AMD-SB-7052) | AMD Zen 2 CPUs — µop cache / SoC isolation LPE | 7.3 (CVSS 4.0) | n/a | No | No | May 2026 Windows CU; Fedora kernel + microcode updates; Xen XSA-490 | AMD Product Security |