CVE-2025-54509

4MEDIUM

Key Information:

Vendor: Amd
Status: Amd Epyc™ 9004 Series Processors; Amd Epyc™ 9005 Series Processors; Amd Epyc™ 8004 Series Processors; Amd Epyc™ Embedded 9004 Series Processors (formerly Codenamed "genoa")
Vendor: CVE Published:; 9 June 2026

What is CVE-2025-54509?

Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor (ASP) potentially resulting in loss of integrity.

Affected Version(s)

AMD EPYC™ 8004 Series Processors GenoaPI_1.0.0.H

AMD EPYC™ 9004 Series Processors GenoaPI_1.0.0.H

AMD EPYC™ 9005 Series Processors TurinPI_1.0.0.8

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2026
Vulnerability Reserved
Jul 23, 2025

CVE-2025-54509 Data

JSON

Amd

What is CVE-2025-54509?

Affected Version(s)

References

CVSS V4

Timeline