Improper Lock Bit Modification Vulnerability in SEV Firmware by AMD
CVE-2025-52536

6.7MEDIUM

Key Information:

Vendor: Amd
Status: Amd Epyc™ 9004 Series Processors; Amd Epyc™ 7003 Series Processors; Amd Epyc™ 9005 Series Processors; Amd Epyc™ 8004 Series Processors
Vendor: CVE Published:; 10 February 2026

What is CVE-2025-52536?

The SEV firmware from AMD is susceptible to a vulnerability that permits unauthorized modification of lock bits. This flaw facilitates privileged attackers to potentially downgrade the firmware version, which can compromise the integrity of the system. Such a modification can lead to serious security implications, allowing malicious entities to exploit the system and access sensitive data.

Affected Version(s)

AMD EPYC™ 7003 Series Processors MilanPI 1.0.0.H

AMD EPYC™ 8004 Series Processors GenoaPI 1.0.0.G

AMD EPYC™ 9004 Series Processors GenoaPI 1.0.0.G

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:

6.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 10, 2026
Vulnerability Reserved
Jun 17, 2025

CVE-2025-52536 Data

JSON

Amd

What is CVE-2025-52536?

Affected Version(s)

References

CVSS V4

Timeline