← back
CVE-2025-46707

GPU DDK - Guest VM can override its own FW VZ connection state after the FW has close it

CVSS 5.2 MEDIUMEPSS 0.1%CWE-668
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.2EPSS 0.1%KEV nãoPoC Patch
Lifecycle
Jun 27, 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Software installed and running inside a Guest VM may override Firmware's state and gain access to the GPU.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Affected products
Imagination Technologies · Graphics DDK

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.imaginationtech.com/gpu-driver-vulnerabilities/