CVE-2025-61972: CWE-1233 Security-Sensitive Hardware Controls with Missing Lock Bit Protection in AMD AMD EPYC™ 9004 Series Processors
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest's confidentiality and integrity.
AI Analysis
Technical Summary
CVE-2025-61972 is a vulnerability in AMD EPYC™ 9004 Series Processors characterized by missing lock bit protection on NBIO registers. This flaw permits a local attacker with administrative privileges to access the System Management Network (SMN) arbitrarily. Exploiting this access can result in arbitrary code execution within the AMD Secure Processor (ASP), undermining the confidentiality and integrity guarantees of SEV-SNP guests. The vulnerability is rated high severity with a CVSS 4.0 score of 8.5, reflecting its potential impact and complexity. No patch or official remediation level has been disclosed by AMD, and no exploits have been observed in the wild.
Potential Impact
A local administrator could exploit this vulnerability to gain unauthorized access to the System Management Network, enabling arbitrary code execution in the AMD Secure Processor. This could lead to a breach of the confidentiality and integrity of SEV-SNP guests running on affected processors. The impact is significant given the role of the AMD Secure Processor in protecting sensitive operations and data.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official remediation level or patch links are provided, organizations should monitor AMD's advisories for updates. Until a fix is available, restricting local administrative access and applying defense-in-depth controls around systems using AMD EPYC™ 9004 Series Processors may reduce risk.
CVE-2025-61972: CWE-1233 Security-Sensitive Hardware Controls with Missing Lock Bit Protection in AMD AMD EPYC™ 9004 Series Processors
Description
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest's confidentiality and integrity.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2025-61972 is a vulnerability in AMD EPYC™ 9004 Series Processors characterized by missing lock bit protection on NBIO registers. This flaw permits a local attacker with administrative privileges to access the System Management Network (SMN) arbitrarily. Exploiting this access can result in arbitrary code execution within the AMD Secure Processor (ASP), undermining the confidentiality and integrity guarantees of SEV-SNP guests. The vulnerability is rated high severity with a CVSS 4.0 score of 8.5, reflecting its potential impact and complexity. No patch or official remediation level has been disclosed by AMD, and no exploits have been observed in the wild.
Potential Impact
A local administrator could exploit this vulnerability to gain unauthorized access to the System Management Network, enabling arbitrary code execution in the AMD Secure Processor. This could lead to a breach of the confidentiality and integrity of SEV-SNP guests running on affected processors. The impact is significant given the role of the AMD Secure Processor in protecting sensitive operations and data.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official remediation level or patch links are provided, organizations should monitor AMD's advisories for updates. Until a fix is available, restricting local administrative access and applying defense-in-depth controls around systems using AMD EPYC™ 9004 Series Processors may reduce risk.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- AMD
- Date Reserved
- 2025-10-04T18:09:57.018Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a03f1b8cbff5d86104eada5
Added to database: 5/13/2026, 3:36:24 AM
Last enriched: 5/13/2026, 3:51:54 AM
Last updated: 5/13/2026, 5:02:00 AM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.