CVE-2025-48517 in EPYC 9005 Processorsthông tin

Tóm tắt

Bởi MITRE • 10/02/2026

Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

chịu trách nhiệm

AMD

Đặt trước

22/05/2025

Tiết lộ

10/02/2026

Kiểm duyệt

được chấp nhận

mục

VDB-345392

CPE

sẵn sàng

CWE

CWE-1220 (Đã xác nhận)

CVSS

2.3 (VulDB)

EPSS

0.00018

KEV

không

Các hoạt động

rất thấp

Nguồn

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-48517
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-48517
CVE Details	https://www.cvedetails.com/cve/CVE-2025-48517/

◂ Trước Tổng Quan Tiếp theo ▸

Do you know our Splunk app?

Download it now for free!