CVE-2025-62626 | THREATINT

Description

Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence the values returned by the RDSEED instruction, potentially resulting in the consumption of insufficiently random values.

PUBLISHED Reserved 2025-10-16 | Published 2025-11-21 | Updated 2025-11-22 | Assigner AMD

HIGH: 7.2CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-333 Improper Handling of Insufficient Entropy in TRNG

Product status

Default status

affected

FireRangeFL1PI 1.0.0.0e

unaffected

References

www.amd.com/...es/product-security/bulletin/AMD-SB-7055.html

cve.org (CVE-2025-62626)

nvd.nist.gov (CVE-2025-62626)

Download JSON