CVE-2025-54515

Summary

The Secure Flag passed to Versal™ Adaptive SoC’s Trusted Firmware for Cortex®-A processors (TF-A) for Arm’s Power State Coordination Interface (PSCI) commands were incorrectly set to secure instead of using the processor’s actual security state. This would allow the PSCI requests to appear they were from processors in the secure state instead of the non-secure state.

Affected Software

VendorProductVersion RangeStatus
AMDVersal™ Adaptive SoC Devices2025.2unaffected
AMDVersal™ RF Series2025.2unaffected
AMDVersal™ AI Edge Series2025.2unaffected
AMDVersal™ Prime Series2025.2unaffected
AMDVersal™ Premium Series2025.2unaffected
AMDVersal™ AI Core Series2025.2unaffected
AMDVersal™ HBM Series2025.2unaffected
AMDAlveo™ V80 Compute Accelerator2025.2unaffected

Weaknesses

  • CWE-1284: CWE-1284 Improper Validation of Specified Quantity in Input

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References