Search criteria
4 vulnerabilities found for AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa") by AMD
CVE-2025-61972 (GCVE-0-2025-61972)
Vulnerability from nvd – Published: 2026-05-13 03:03 – Updated: 2026-05-14 03:56
VLAI?
Summary
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest's confidentiality and integrity.
Severity ?
CWE
- CWE-1233 - Security-Sensitive Hardware Controls with Missing Lock Bit Protection
Assigner
References
1 reference
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | AMD EPYC™ 9004 Series Processors |
Unaffected:
GenoaPI_1.0.0.H
|
|
| AMD | AMD EPYC™ 9005 Series Processors |
Unaffected:
TurinPI_1.0.0.8
|
|
| AMD | AMD EPYC™ 8004 Series Processors |
Unaffected:
GenoaPI_1.0.0.H
|
|
| AMD | AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa") |
Unaffected:
EmbGenoaPI-SP5 1.0.0.D
|
|
| AMD | AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo") |
Unaffected:
EmbGenoaPI-SP5 1.0.0.D
|
|
| AMD | AMD EPYC™ Embedded 8004 Series Processors |
Unaffected:
EmbGenoaPI-SP5 1.0.0.D
|
|
| AMD | AMD EPYC™ Embedded 9005 Series Processors |
Unaffected:
EmbeddedTurinPI_SP5_1004
|
Date Public ?
2026-05-13 03:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61972",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-14T03:56:03.690Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "GenoaPI_1.0.0.H"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "TurinPI_1.0.0.8"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "GenoaPI_1.0.0.H"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedTurinPI_SP5_1004"
}
]
}
],
"datePublic": "2026-05-13T03:00:40.598Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest\u0027s confidentiality and integrity. \u003cbr\u003e"
}
],
"value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest\u0027s confidentiality and integrity."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1233",
"description": "CWE-1233 Security-Sensitive Hardware Controls with Missing Lock Bit Protection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:03:31.455Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-61972",
"datePublished": "2026-05-13T03:03:31.455Z",
"dateReserved": "2025-10-04T18:09:57.018Z",
"dateUpdated": "2026-05-14T03:56:03.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-61971 (GCVE-0-2025-61971)
Vulnerability from nvd – Published: 2026-05-13 03:02 – Updated: 2026-05-13 14:37
VLAI?
Summary
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity.
Severity ?
CWE
- CWE-1233 - Security-Sensitive Hardware Controls with Missing Lock Bit Protection
Assigner
References
1 reference
Impacted products
9 products
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | AMD EPYC™ 9004 Series Processors |
Unaffected:
GenoaPI_1.0.0.H
|
|
| AMD | AMD EPYC™ 7003 Series Processors |
Unaffected:
MilanPI-SP3_1.0.0.J
|
|
| AMD | AMD EPYC™ 9005 Series Processors |
Unaffected:
TurinPI_1.0.0.8
|
|
| AMD | AMD EPYC™ 8004 Series Processors |
Unaffected:
GenoaPI_1.0.0.H
|
|
| AMD | AMD EPYC™ Embedded 7003 Series Processors |
Unaffected:
EmbMilanPI-SP3 1.0.0.D
|
|
| AMD | AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa") |
Unaffected:
EmbGenoaPI-SP5 1.0.0.D
|
|
| AMD | AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo") |
Unaffected:
EmbGenoaPI-SP5 1.0.0.D
|
|
| AMD | AMD EPYC™ Embedded 8004 Series Processors |
Unaffected:
EmbGenoaPI-SP5 1.0.0.D
|
|
| AMD | AMD EPYC™ Embedded 9005 Series Processors |
Unaffected:
EmbeddedTurinPI_SP5_1004
|
Date Public ?
2026-05-13 03:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61971",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T14:37:29.592995Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T14:37:35.830Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "GenoaPI_1.0.0.H"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "MilanPI-SP3_1.0.0.J"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "TurinPI_1.0.0.8"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "GenoaPI_1.0.0.H"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbMilanPI-SP3 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedTurinPI_SP5_1004"
}
]
}
],
"datePublic": "2026-05-13T03:00:33.777Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity.\u003cbr\u003e"
}
],
"value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1233",
"description": "CWE-1233 Security-Sensitive Hardware Controls with Missing Lock Bit Protection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:02:55.705Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-61971",
"datePublished": "2026-05-13T03:02:55.705Z",
"dateReserved": "2025-10-04T18:09:57.018Z",
"dateUpdated": "2026-05-13T14:37:35.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-61972 (GCVE-0-2025-61972)
Vulnerability from cvelistv5 – Published: 2026-05-13 03:03 – Updated: 2026-05-14 03:56
VLAI?
Summary
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest's confidentiality and integrity.
Severity ?
CWE
- CWE-1233 - Security-Sensitive Hardware Controls with Missing Lock Bit Protection
Assigner
References
1 reference
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | AMD EPYC™ 9004 Series Processors |
Unaffected:
GenoaPI_1.0.0.H
|
|
| AMD | AMD EPYC™ 9005 Series Processors |
Unaffected:
TurinPI_1.0.0.8
|
|
| AMD | AMD EPYC™ 8004 Series Processors |
Unaffected:
GenoaPI_1.0.0.H
|
|
| AMD | AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa") |
Unaffected:
EmbGenoaPI-SP5 1.0.0.D
|
|
| AMD | AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo") |
Unaffected:
EmbGenoaPI-SP5 1.0.0.D
|
|
| AMD | AMD EPYC™ Embedded 8004 Series Processors |
Unaffected:
EmbGenoaPI-SP5 1.0.0.D
|
|
| AMD | AMD EPYC™ Embedded 9005 Series Processors |
Unaffected:
EmbeddedTurinPI_SP5_1004
|
Date Public ?
2026-05-13 03:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61972",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-14T03:56:03.690Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "GenoaPI_1.0.0.H"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "TurinPI_1.0.0.8"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "GenoaPI_1.0.0.H"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedTurinPI_SP5_1004"
}
]
}
],
"datePublic": "2026-05-13T03:00:40.598Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest\u0027s confidentiality and integrity. \u003cbr\u003e"
}
],
"value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest\u0027s confidentiality and integrity."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1233",
"description": "CWE-1233 Security-Sensitive Hardware Controls with Missing Lock Bit Protection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:03:31.455Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-61972",
"datePublished": "2026-05-13T03:03:31.455Z",
"dateReserved": "2025-10-04T18:09:57.018Z",
"dateUpdated": "2026-05-14T03:56:03.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-61971 (GCVE-0-2025-61971)
Vulnerability from cvelistv5 – Published: 2026-05-13 03:02 – Updated: 2026-05-13 14:37
VLAI?
Summary
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity.
Severity ?
CWE
- CWE-1233 - Security-Sensitive Hardware Controls with Missing Lock Bit Protection
Assigner
References
1 reference
Impacted products
9 products
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | AMD EPYC™ 9004 Series Processors |
Unaffected:
GenoaPI_1.0.0.H
|
|
| AMD | AMD EPYC™ 7003 Series Processors |
Unaffected:
MilanPI-SP3_1.0.0.J
|
|
| AMD | AMD EPYC™ 9005 Series Processors |
Unaffected:
TurinPI_1.0.0.8
|
|
| AMD | AMD EPYC™ 8004 Series Processors |
Unaffected:
GenoaPI_1.0.0.H
|
|
| AMD | AMD EPYC™ Embedded 7003 Series Processors |
Unaffected:
EmbMilanPI-SP3 1.0.0.D
|
|
| AMD | AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa") |
Unaffected:
EmbGenoaPI-SP5 1.0.0.D
|
|
| AMD | AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo") |
Unaffected:
EmbGenoaPI-SP5 1.0.0.D
|
|
| AMD | AMD EPYC™ Embedded 8004 Series Processors |
Unaffected:
EmbGenoaPI-SP5 1.0.0.D
|
|
| AMD | AMD EPYC™ Embedded 9005 Series Processors |
Unaffected:
EmbeddedTurinPI_SP5_1004
|
Date Public ?
2026-05-13 03:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61971",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T14:37:29.592995Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T14:37:35.830Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "GenoaPI_1.0.0.H"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "MilanPI-SP3_1.0.0.J"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "TurinPI_1.0.0.8"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "GenoaPI_1.0.0.H"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbMilanPI-SP3 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.D"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedTurinPI_SP5_1004"
}
]
}
],
"datePublic": "2026-05-13T03:00:33.777Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity.\u003cbr\u003e"
}
],
"value": "Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1233",
"description": "CWE-1233 Security-Sensitive Hardware Controls with Missing Lock Bit Protection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:02:55.705Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-61971",
"datePublished": "2026-05-13T03:02:55.705Z",
"dateReserved": "2025-10-04T18:09:57.018Z",
"dateUpdated": "2026-05-13T14:37:35.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}