CVE-2025-29952

MEDIUM

AMD EPYC 9005 Series Processors - Authenticated Memory Integrity Loss via SEV Firmware Improper Initialization

Title source: llm

Description

Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity

References (1)

Core 1

Core References

Vendor Advisory

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html

Scores

CVSS v4 5.9

EPSS 0.0014

EPSS Percentile 3.9%

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-457

Status published

Products (2)

AMD/AMD EPYC™ 9005 Series Processors TurinPI 1.0.0.6

AMD/AMD EPYC™ Embedded 9005 Series Processors EmbTurinPI-SP5_1.0.0.1

Published Feb 10, 2026

Tracked Since Feb 18, 2026