CVE-2025-29950

EPSS 0.01%
Veröffentlicht 10.02.2026 19:10:28
Zuletzt bearbeitet 10.02.2026 21:51:48
Quelle psirt@amd.com
CVE-Watchlists
Login
Unerledigt
Login

Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerAMD

≫

Produkt AMD EPYC™ 9004 Series Processors

Default Statusaffected

Version GenoaPI 1.0.0.G

Status unaffected

HerstellerAMD

≫

Produkt AMD EPYC™ 7003 Series Processors

Default Statusaffected

Version MilanPI 1.0.0.H

Status unaffected

HerstellerAMD

≫

Produkt AMD EPYC™ 7002 Series Processors

Default Statusaffected

Version RomePI 1.0.0.N

Status unaffected

HerstellerAMD

≫

Produkt AMD EPYC™ 7001 Series Processors

Default Statusaffected

Version NaplesPI 1.0.0.R

Status unaffected

HerstellerAMD

≫

Produkt AMD EPYC™ 9005 Series Processors

Default Statusaffected

Version TurinPI 1.0.0.6

Status unaffected

HerstellerAMD

≫

Produkt AMD Instinct™ MI300A

Default Statusaffected

Version MI300A 1.0.0.B

Status unaffected

HerstellerAMD

≫

Produkt AMD EPYC™ 9V64H Processor

Default Statusaffected

Version MI300C 1.0.0.2

Status unaffected

HerstellerAMD

≫

Produkt AMD Ryzen™ Threadripper™ PRO 3000WX Processors

Default Statusaffected

Version ChagallWSPI-sWRX8 1.0.0.C

Status unaffected

Version CastlePeakWSPI-sWRX8 1.0.0.I

Status unaffected

HerstellerAMD

≫

Produkt AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors

Default Statusaffected

Version ChagallWSPI-sWRX8 1.0.0.C

Status unaffected

HerstellerAMD

≫

Produkt AMD Ryzen™ Threadripper™ 7000 Processors

Default Statusaffected

Version StormPeakPI-SP6_1.0.0.1l

Status unaffected

Version ShimadaPeakPI-SP6_1.0.0.1

Status unaffected

HerstellerAMD

≫

Produkt AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors

Default Statusaffected

Version StormPeakPI-SP6_1.1.0.0j

Status unaffected

Version ShimadaPeakPI-SP6_1.0.0.1

Status unaffected

HerstellerAMD

≫

Produkt AMD Ryzen™ Threadripper™ 9000 Processors

Default Statusaffected

Version ShimadaPeakPI-SP6_1.0.0.1

Status unaffected

HerstellerAMD

≫

Produkt AMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors

Default Statusaffected

Version ShimadaPeakPI-SP6_1.0.0.1

Status unaffected

HerstellerAMD

≫

Produkt AMD EPYC™ Embedded 7003 Series Processors

Default Statusaffected

Version EmbMilanPI-SP3 v9 1.0.0.C

Status unaffected

HerstellerAMD

≫

Produkt AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa")

Default Statusaffected

Version EmbGenoaPI-SP5 1.0.0.B

Status unaffected

HerstellerAMD

≫

Produkt AMD EPYC™ Embedded 7002 Series Processors

Default Statusaffected

Version EmbRomePI-SP3 1.0.0.F

Status unaffected

HerstellerAMD

≫

Produkt AMD EPYC™ Embedded 3000 Series Processors

Default Statusaffected

Version SnowyOwl_SP4_SP4r2.1.1.0.H

Status unaffected

HerstellerAMD

≫

Produkt AMD EPYC™ Embedded 9005 Series Processors

Default Statusaffected

Version EmbTurinPI-SP5_1.0.0.1

Status unaffected

HerstellerAMD

≫

Produkt AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo")

Default Statusaffected

Version EmbGenoaPI-SP5 1.0.0.B

Status unaffected

HerstellerAMD

≫

Produkt AMD EPYC™ Embedded 8004 Series Processors

Default Statusaffected

Version EmbGenoaPI-SP5 1.0.0.B

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.004

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
psirt@amd.com	7.1	0	0	CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-1274 Improper Access Control for Volatile Memory Containing Boot Code

The product conducts a secure-boot process that transfers bootloader code from Non-Volatile Memory (NVM) into Volatile Memory (VM), but it does not have sufficient access control or other protections for the Volatile Memory.

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html

https://nvd.nist.gov/vuln/detail/CVE-2025-29950

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-29950

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-29950

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-29950