Insufficient Entropy in AMD CPUs Exposes Security Risks
CVE-2025-62626

7.2HIGH

Key Information:

Vendor: Amd
Status: Amd Ryzen™ 9000hx Series Processors
Vendor: CVE Published:; 21 November 2025

What is CVE-2025-62626?

The vulnerability in AMD CPUs arises from improper management of entropy, which could potentially allow a local attacker to manipulate the outputs of the RDSEED instruction. This situation may lead to the generation of poorly randomized values, undermining the security of cryptographic functions that rely on such randomness. It is crucial for users to be aware of this risk and apply necessary updates or mitigations to ensure the integrity of their systems.

Affected Version(s)

AMD Ryzen™ 9000HX Series Processors FireRangeFL1PI 1.0.0.0e

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 21, 2025
Vulnerability Reserved
Oct 16, 2025

JSON

Amd

What is CVE-2025-62626?

Affected Version(s)

References

CVSS V4

Timeline