← voltar
CVE-2025-54515

CVE-2025-54515

CVSS 1 LOWEPSS 0.1%CWE-1284
Vexday Risk Score
8Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 1EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
23 nov 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
The Secure Flag passed to Versal™ Adaptive SoC’s Trusted Firmware for Cortex®-A processors (TF-A) for Arm’s Power State Coordination Interface (PSCI) commands were incorrectly set to secure instead of using the processor’s actual security state. This would allow the PSCI requests to appear they were from processors in the secure state instead of the non-secure state.
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Produtos afetados
AMD · Alveo™ V80 Compute AcceleratorAMD · Versal™ Adaptive SoC DevicesAMD · Versal™ AI Core SeriesAMD · Versal™ AI Edge SeriesAMD · Versal™ HBM SeriesAMD · Versal™ Premium SeriesAMD · Versal™ Prime SeriesAMD · Versal™ RF Series

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8020.html