4
CVE-2025-54509
- EPSS 0.13%
- Veröffentlicht 09.06.2026 18:16:32
- Zuletzt bearbeitet 09.06.2026 19:30:24
- Quelle psirt@amd.com
- CVE-Watchlists
- Unerledigt
Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor (ASP) potentially resulting in loss of integrity.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerAMD
≫
Produkt
AMD EPYC™ 9004 Series Processors
Default Statusaffected
Version
GenoaPI_1.0.0.H
Status
unaffected
HerstellerAMD
≫
Produkt
AMD EPYC™ 9005 Series Processors
Default Statusaffected
Version
TurinPI_1.0.0.8
Status
unaffected
HerstellerAMD
≫
Produkt
AMD EPYC™ 8004 Series Processors
Default Statusaffected
Version
GenoaPI_1.0.0.H
Status
unaffected
HerstellerAMD
≫
Produkt
AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa")
Default Statusaffected
Version
EmbGenoaPI-SP5 1.0.0.D
Status
unaffected
HerstellerAMD
≫
Produkt
AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo")
Default Statusaffected
Version
EmbGenoaPI-SP5 1.0.0.D
Status
unaffected
HerstellerAMD
≫
Produkt
AMD EPYC™ Embedded 8004 Series Processors
Default Statusaffected
Version
EmbGenoaPI-SP5 1.0.0.D
Status
unaffected
HerstellerAMD
≫
Produkt
AMD EPYC™ Embedded 9005 Series Processors
Default Statusaffected
Version
EmbeddedTurinPI_SP5_1004
Status
unaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.027 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@amd.com | 4 | 0 | 0 |
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-1262 Improper Access Control for Register Interface
The product uses memory-mapped I/O registers that act as an interface to hardware functionality from software, but there is improper access control to those registers.
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3039.html