Improper Resource Management in Solidigm DC Products
CVE-2025-12896

4.4MEDIUM

Key Information:

Vendor: Solidigm™
Status: D5-p5316, D7-p5510, D7-p5520/d7-p5620, D5-p5430, D5-p5336
Vendor: CVE Published:; 7 November 2025

What is CVE-2025-12896?

An issue has been identified in the firmware of certain Solidigm DC Products where improper resource management may pose risks to data security. If an attacker has local or physical access to a device, they could potentially exploit this vulnerability to gain unauthorized access to locked storage, leading to possible data breaches. It is crucial for users to remain vigilant and apply recommended security measures to safeguard their devices.

Affected Version(s)

D5-P5316, D7-P5510, D7-P5520/D7-P5620, D5-P5430, D5-P5336 All FW prior to ACV10360

D5-P5316, D7-P5510, D7-P5520/D7-P5620, D5-P5430, D5-P5336 All FW prior to JCV10501

D5-P5316, D7-P5510, D7-P5520/D7-P5620, D5-P5430, D5-P5336 All FW prior to 9CV10490

References

https://www.solidigm.com/support-page/support-security.html

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 7, 2025
Vulnerability Reserved
Nov 7, 2025

JSON

Solidigm™

What is CVE-2025-12896?

Affected Version(s)

References

CVSS V3.1

Timeline