CVE-2025-54505

Summary

A transient execution vulnerability within AMD CPUs may allow a local user-privileged attacker to leak data via the floating point divisor unit, potentially resulting in loss of confidentiality.

Affected Software

VendorProductVersion RangeStatus
AMDAMD EPYC™ 7001 Series ProcessorsOS updateunaffected
AMDAMD EPYC™ Embedded 3000 Series ProcessorsOS Updateunaffected

Weaknesses

  • CWE-1420: CWE-1420 Exposure of Sensitive Information during Transient Execution

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References