CVE-2025-52536
Awaiting Analysis
Awaiting Analysis - Queue
Firmware Downgrade via Lock Bit Modification Flaw in AMD SEV
Vulnerability report for CVE-2025-52536, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-02-10
Last updated on: 2026-02-10
Assigner: Advanced Micro Devices Inc.
Description
Description
Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| amd | sev_firmware | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1231 | The product uses a trusted lock bit for restricting access to registers, address regions, or other resources, but the product does not prevent the value of the lock bit from being modified after it has been set. |