CVE-2025-9195
Description
Improper input validation in firmware of some Solidigm DC Products may allow an attacker with local access to cause a Denial of Service
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A local attacker can cause a denial of service on Solidigm DC products by exploiting improper input validation in the firmware.
Vulnerability
Overview
CVE-2025-9195 is a medium-severity vulnerability affecting the firmware of Solidigm Data Center (DC) solid-state drives. The root cause is improper input validation, which can be triggered by an attacker with local access to the system [1].
Exploitation
To exploit this vulnerability, an attacker must have local access to the target system. No special privileges beyond local user access are mentioned in the advisory. The attack complexity is low, and the attack vector is local, meaning the attacker must be able to interact with the drive through the host system's interface [1].
Impact
Successful exploitation leads to a denial of service (DoS) condition. This could manifest as the drive becoming unresponsive or crashing, potentially causing data unavailability or system instability. The CVSS v3 base score of 4.4 reflects a medium severity, with the primary impact being on availability [1].
Mitigation
Solidigm has addressed this vulnerability in a firmware update. The company recommends that customers always use the latest firmware version to mitigate this and other security issues. Details are available in the Solidigm Public Security Advisory (PSA) document referenced on their support page [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.