ByteOS Network

Vulnerability Details :

CVE-2025-0036

Assigner-AMD

Assigner Org ID-b58fc414-a1e4-4f92-9d70-1add41838648

Published At-09 Jun, 2025 | 23:57

Updated At-30 Jun, 2025 | 14:48

In AMD Versal Adaptive SoC devices, the incorrect configuration of the SSS during runtime (post-boot) cryptographic operations could cause data to be incorrectly written to and read from invalid locations as well as returning incorrect cryptographic data.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:AMD

Assigner Org ID:b58fc414-a1e4-4f92-9d70-1add41838648

Published At:09 Jun, 2025 | 23:57

Updated At:30 Jun, 2025 | 14:48

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

Advanced Micro Devices, Inc.

Product

Versal Adaptive SoC Devices

Default Status

affected

Versions

Unaffected

2025.1 release (custom)

Vendor

Advanced Micro Devices, Inc.

Product

Versal RF Series

Default Status

affected

Versions

Unaffected

2025.1 release

Vendor

Advanced Micro Devices, Inc.

Product

Versal AI Edge Series

Default Status

affected

Versions

Unaffected

2025.1 release

Vendor

Advanced Micro Devices, Inc.

Product

Versal Prime Series

Default Status

affected

Versions

Unaffected

2025.1 release

Vendor

Advanced Micro Devices, Inc.

Product

Versal Premium Series

Default Status

affected

Versions

Unaffected

2025.1 release

Vendor

Advanced Micro Devices, Inc.

Product

Versal AI Core Series

Default Status

affected

Versions

Unaffected

2025.1 release

Vendor

Advanced Micro Devices, Inc.

Product

Versal HBM Series

Default Status

affected

Versions

Unaffected

2025.1 release

Vendor

Advanced Micro Devices, Inc.

Product

Alveo V80 Compute Accelerator

Default Status

affected

Versions

Unaffected

2025.1 release

Problem Types

Type	CWE ID	Description
CWE	CWE-682	CWE-682 Incorrect Calculation
CWE	CWE-772	CWE-772 Missing Release of Resource after Effective Lifetime
CWE	CWE-940	CWE-940 Improper Verification of Source of a Communication Channel
CWE	CWE-941	CWE-941 Incorrectly Specified Destination in a Communication Channel
CWE	CWE-497	CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere

Type: CWE

CWE ID: CWE-682

Description: CWE-682 Incorrect Calculation

Type: CWE

CWE ID: CWE-772

Description: CWE-772 Missing Release of Resource after Effective Lifetime

Type: CWE

CWE ID: CWE-940

Description: CWE-940 Improper Verification of Source of a Communication Channel

Type: CWE

CWE ID: CWE-941

Description: CWE-941 Incorrectly Specified Destination in a Communication Channel

Type: CWE

CWE ID: CWE-497

Description: CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere

Metrics

Version	Base score	Base severity	Vector
3.1	3.2	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N

Version: 3.1

Base score: 3.2

Base severity: LOW

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N

References

Hyperlink	Resource
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8011.html	N/A

Hyperlink: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8011.html

Resource: N/A

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Metrics Other Info

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:psirt@amd.com

Published At:10 Jun, 2025 | 00:15

Updated At:12 Jun, 2025 | 16:06

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	3.2	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N

Type: Secondary

Version: 3.1

Base score: 3.2

Base severity: LOW

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N

Weaknesses

CWE ID	Type	Source
CWE-497	Secondary	psirt@amd.com
CWE-682	Secondary	psirt@amd.com
CWE-772	Secondary	psirt@amd.com
CWE-940	Secondary	psirt@amd.com
CWE-941	Secondary	psirt@amd.com

CWE ID: CWE-497

Type: Secondary

Source: psirt@amd.com

CWE ID: CWE-682

Type: Secondary

Source: psirt@amd.com

CWE ID: CWE-772

Type: Secondary

Source: psirt@amd.com

CWE ID: CWE-940

Type: Secondary

Source: psirt@amd.com

CWE ID: CWE-941

Type: Secondary

Source: psirt@amd.com

References

Hyperlink	Source	Resource
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8011.html	psirt@amd.com	N/A

Hyperlink: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8011.html

Source: psirt@amd.com

Resource: N/A

Similar CVEs

1Records found

CVE-2023-31347

Matching Score-6

Assigner-Advanced Micro Devices Inc.

View Details

Matching Score-6

Assigner-Advanced Micro Devices Inc.

CVSS Score-4.9||MEDIUM

EPSS-0.04% / 9.42%

7 Day CHG~0.00%

Published-13 Feb, 2024 | 19:18

Updated-17 Mar, 2025 | 18:15

Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity.

Vendor-Advanced Micro Devices, Inc.

Product-epyc_8124p epyc_9334 epyc_9124 epyc_7453 epyc_7373x_firmware epyc_7443_firmware epyc_7643p epyc_7513 epyc_9554_firmware epyc_9684x_firmware epyc_9224 epyc_9454p_firmware epyc_7303p epyc_7443 epyc_9184x epyc_9654p_firmware epyc_9274f epyc_7203p_firmware epyc_9354p epyc_7573x_firmware epyc_74f3_firmware epyc_9634_firmware epyc_8434p epyc_7303 epyc_8124p_firmware epyc_8224pn epyc_7343_firmware epyc_9554 epyc_7513_firmware epyc_8324pn epyc_9474f_firmware epyc_7303p_firmware epyc_7763_firmware epyc_7373x epyc_7473x_firmware epyc_7313p_firmware epyc_8024p_firmware epyc_7773x epyc_8534p_firmware epyc_9454_firmware epyc_9554p epyc_9684x epyc_9184x_firmware epyc_7663p_firmware epyc_75f3 epyc_7313 epyc_7713p_firmware epyc_9474f epyc_7543 epyc_9124_firmware epyc_7643 epyc_7313p epyc_7713 epyc_9334_firmware epyc_9534 epyc_7773x_firmware epyc_7313_firmware epyc_7443p_firmware epyc_73f3 epyc_9354 epyc_8124pn epyc_7443p epyc_7713p epyc_8534pn_firmware epyc_75f3_firmware epyc_72f3_firmware epyc_9354p_firmware epyc_7643p_firmware epyc_72f3 epyc_9384x epyc_7663_firmware epyc_7543_firmware epyc_7573x epyc_8024pn_firmware epyc_9374f epyc_9354_firmware epyc_7453_firmware epyc_7643_firmware epyc_9274f_firmware epyc_8434pn epyc_9454 epyc_8434p_firmware epyc_8124pn_firmware epyc_7473x epyc_7663 epyc_7543p_firmware epyc_9174f_firmware epyc_7413_firmware epyc_7343 epyc_7713_firmware epyc_9654_firmware epyc_8324p epyc_8224p epyc_9254_firmware epyc_9254 epyc_7203_firmware epyc_8534pn epyc_7413 epyc_8534p epyc_7543p epyc_8024p epyc_8224pn_firmware epyc_9634 epyc_9454p epyc_9654 epyc_7203p epyc_9174f epyc_8024pn epyc_73f3_firmware epyc_9654p epyc_74f3 epyc_8324p_firmware epyc_7303_firmware epyc_9224_firmware epyc_8434pn_firmware epyc_9374f_firmware epyc_9384x_firmware epyc_7763 epyc_9534_firmware epyc_8324pn_firmware epyc_7663p epyc_9554p_firmware epyc_8224p_firmware 4th Gen AMD EPYC™ Processors 3rd Gen AMD EPYC™ Processors

CWE ID-CWE-682

Incorrect Calculation

CVE-2025-0036

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Unaffected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs