CVE-2025-0037 | THREATINT

Description

In AMD Versal Adaptive SoC devices, the lack of address validation when executing PLM runtime services through the PLM firmware can allow access to isolated or protected memory spaces, resulting in the loss of integrity and confidentiality.

PUBLISHED Reserved 2024-11-21 | Published 2025-06-09 | Updated 2025-06-10 | Assigner AMD

MEDIUM: 6.6CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Problem types

CWE-20 Improper Input Validation

Product status

Default status

affected

Refer to AMD-SB-8010 (custom)

affected

References

www.amd.com/...es/product-security/bulletin/amd-sb-8010.html

cve.org (CVE-2025-0037)

nvd.nist.gov (CVE-2025-0037)

Download JSON