CVE-2025-54520
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-24
Last updated on: 2025-09-26
Assigner: Advanced Micro Devices Inc.
Description
Description
Improper Protection Against Voltage and Clock Glitches in FPGA devices, could allow an attacker with physical access to undervolt the platform resulting in a loss of confidentiality.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| amd | alveo_cards | * |
| amd | versal_adaptive_soc | * |
| amd | artix_7_series_fpga | * |
| amd | kria_som | * |
| amd | artix_ultrascale_plus_fpga | * |
| amd | kintex_ultrascale_fpga | * |
| amd | virtex_ultrascale_fpga | * |
| amd | zynq_ultrascale_rf_soc | * |
| amd | kintex_7_series_fpga | * |
| amd | zynq_ultrascale_mpsoc | * |
| amd | spartan_6_fpga | * |
| amd | spartan_ultrascale_plus_fpga | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-1247 | The device does not contain or contains incorrectly implemented circuitry or sensors to detect and mitigate voltage and clock glitches and protect sensitive information or software contained on the device. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves improper protection against voltage and clock glitches in FPGA devices. An attacker with physical access can exploit this by undervolting the platform, which may lead to a loss of confidentiality.
How can this vulnerability impact me? :
If exploited, this vulnerability can result in a loss of confidentiality, meaning sensitive information processed or stored on the affected FPGA devices could be exposed to unauthorized parties.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70