CVE-2025-12902

Summary

Improper resource management in firmware of some Solidigm DC Products may allow an attacker with local or physical access to gain un-authorized access to a locked Storage Device or create a Denial of Service.

Affected Software

VendorProductVersion RangeStatus
Solidigm™D5-P5316, D5-P5430, D7-P5520/D7-P5620, D5-P5336All FW prior to ACV10360affected
Solidigm™D5-P5316, D5-P5430, D7-P5520/D7-P5620, D5-P5336All FW prior to 6DV10341(8K IU) 6CV10241(4K IU)affected
Solidigm™D5-P5316, D5-P5430, D7-P5520/D7-P5620, D5-P5336All FW prior to 9CV10490affected
Solidigm™D5-P5316, D5-P5430, D7-P5520/D7-P5620, D5-P5336All FW prior to 5CV10326affected

Weaknesses

  • CWE-665: CWE-665 Improper Initialization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References