CVE-2025-12896

MEDIUM

Solidigm DC Products - Privilege Escalation

Title source: llm

Description

Improper resource management in firmware of some Solidigm DC Products may allow an attacker with local or physical access to gain un-authorized access to a locked storage device.

References (1)

[Various Sources] https://www.solidigm.com/support-page/support-security.html

Scores

CVSS v3 4.4

EPSS 0.0001

EPSS Percentile 2.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-307

Status published

Products (5)

Solidigm™/D5-P5316, D7-P5510, D7-P5520/D7-P5620, D5-P5430, D5-P5336 All FW prior to 5CV10326

Solidigm™/D5-P5316, D7-P5510, D7-P5520/D7-P5620, D5-P5430, D5-P5336 All FW prior to 6DV10341 (8K IU) / 6CV10241 (4K IU)

Solidigm™/D5-P5316, D7-P5510, D7-P5520/D7-P5620, D5-P5430, D5-P5336 All FW prior to 9CV10490

Solidigm™/D5-P5316, D7-P5510, D7-P5520/D7-P5620, D5-P5430, D5-P5336 All FW prior to ACV10360

Solidigm™/D5-P5316, D7-P5510, D7-P5520/D7-P5620, D5-P5430, D5-P5336 All FW prior to JCV10501

Published Nov 07, 2025

Tracked Since Feb 18, 2026