CVE-2025-29952
Awaiting Analysis
Awaiting Analysis - Queue
Improper Initialization in AMD SEV Firmware Risks Memory Integrity
Vulnerability report for CVE-2025-29952, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-02-10
Last updated on: 2026-02-10
Assigner: Advanced Micro Devices Inc.
Description
Description
Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| amd | secure_encrypted_virtualization | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-457 | The code uses a variable that has not been initialized, leading to unpredictable or unintended results. |