Improper Access Control Vulnerability in AMD Secure Processor
CVE-2025-54509
4MEDIUM
Key Information:
What is CVE-2025-54509?
This vulnerability involves improper access control within the register interface of the input-output memory management unit (IOMMU) associated with the AMD Secure Processor. A malicious actor with elevated privileges could exploit this flaw, leading to non-coherent accesses by the AMD secure processor. Such exploitation holds the potential for integrity loss, resulting in unauthorized access and manipulation of sensitive operational data. Timely updates and fortified access controls are essential measures to mitigate associated risks.
Affected Version(s)
AMD EPYC™ 8004 Series Processors GenoaPI_1.0.0.H
AMD EPYC™ 9004 Series Processors GenoaPI_1.0.0.H
AMD EPYC™ 9005 Series Processors TurinPI_1.0.0.8