CVE-2025-54515
1
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Summary
The Secure Flag passed to Versal™ Adaptive SoC’s Trusted Firmware for Cortex®-A processors (TF-A) for Arm’s Power State Coordination Interface (PSCI) commands were incorrectly set to secure instead of using the processor’s actual security state. This would allow the PSCI requests to appear they were from processors in the secure state instead of the non-secure state.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| AMD | Versal™ Adaptive SoC Devices | 2025.2 | unaffected |
| AMD | Versal™ RF Series | 2025.2 | unaffected |
| AMD | Versal™ AI Edge Series | 2025.2 | unaffected |
| AMD | Versal™ Prime Series | 2025.2 | unaffected |
| AMD | Versal™ Premium Series | 2025.2 | unaffected |
| AMD | Versal™ AI Core Series | 2025.2 | unaffected |
| AMD | Versal™ HBM Series | 2025.2 | unaffected |
| AMD | Alveo™ V80 Compute Accelerator | 2025.2 | unaffected |
Weaknesses
- CWE-1284: CWE-1284 Improper Validation of Specified Quantity in Input
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.