Vulnerability in Amd Epyc™ 8004 Series Processors

CVE-2025-61972

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss…

EPSS: 0.000 (4.1th percentile) — read the EPSS interpretation.

Affected products

Amd Epyc™ 8004 Series Processors — versions GenoaPI_1.0.0.H
Amd Epyc™ 9004 Series Processors — versions GenoaPI_1.0.0.H
Amd Epyc™ 9005 Series Processors — versions TurinPI_1.0.0.8
Amd Epyc™ Embedded 8004 Series Processors — versions EmbGenoaPI-SP5 1.0.0.D
Amd Epyc™ Embedded 9004 Series Processors (Formerly Codenamed "Bergamo") — versions EmbGenoaPI-SP5 1.0.0.D
Amd Epyc™ Embedded 9004 Series Processors (Formerly Codenamed "Genoa") — versions EmbGenoaPI-SP5 1.0.0.D
Amd Epyc™ Embedded 9005 Series Processors — versions EmbeddedTurinPI_SP5_1004

Weakness classification (CWE)

CWE-1233

References

psirt@amd.com