CVE-2025-62626
7.2
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Summary
Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence the values returned by the RDSEED instruction, potentially resulting in the consumption of insufficiently random values.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| AMD | AMD Ryzen™ 9000HX Series Processors | FireRangeFL1PI 1.0.0.0e | unaffected |
| AMD | AMD EPYC™ 9005 Series Processors | Turin C1 : 0x0B00215A Turin Dense / B0: 0x0B101054 | unaffected |
Weaknesses
- CWE-333: CWE-333 Improper Handling of Insufficient Entropy in TRNG
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.