SEV firmware
by AMD
CVEs (6)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-52536 | Med | 0.44 | — | 0.00 | Feb 10, 2026 | Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity. | |
| CVE-2025-29952 | Med | 0.38 | — | 0.00 | Feb 10, 2026 | Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity | |
| CVE-2025-48517 | Med | 0.30 | — | 0.00 | Feb 10, 2026 | Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality. | |
| CVE-2025-0031 | Med | 0.30 | — | 0.00 | Feb 10, 2026 | A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity. | |
| CVE-2025-29946 | Med | 0.29 | — | 0.00 | Feb 10, 2026 | Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory. | |
| CVE-2025-48514 | Med | 0.26 | — | 0.00 | Feb 10, 2026 | Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality. |
- risk 0.44cvss —epss 0.00
Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.
- risk 0.38cvss —epss 0.00
Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity
- risk 0.30cvss —epss 0.00
Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality.
- risk 0.30cvss —epss 0.00
A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity.
- risk 0.29cvss —epss 0.00
Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory.
- risk 0.26cvss —epss 0.00
Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality.