Vulnerability in Amd Epyc™ 9005 Series Processors

CVE-2025-29948

Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity.

EPSS: 0.000 (4.9th percentile) — read the EPSS interpretation.

Affected products

Amd Epyc™ 9005 Series Processors — versions TurinPI 1.0.0.6
Amd Epyc™ Embedded 9005 Series Processors — versions EmbTurinPI-SP5_1.0.0.1

Weakness classification (CWE)

CWE-1260

References

www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html