CVE-2025-62862: n/a
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in (1) an out-of-bounds read which leaks Secure-EL0 information to a process running in Non-Secure state or (2) an out-of-bounds write which corrupts Secure or Non-Secure memory, limited to memory mapped to UEFI-MM Secure Partition by the Secure Partition Manager.
AI Analysis
Technical Summary
CVE-2025-62862 is a firmware vulnerability in Ampere AmpereOne AC03, AC04, and M devices running firmware versions before 3.5.9.3, 4.4.5.2, and 5.4.5.1 respectively. The flaw lies in the handling of Secure Monitor Calls (SMCs) directed at the UEFI-MM Boot Error Record Table driver: an incorrectly formed SMC call triggers an out-of-bounds memory access inside the UEFI-MM Secure Partition managed by the Secure Partition Manager. Two outcomes are possible: (1) an out-of-bounds read that leaks Secure-EL0 information (the Secure-world exception level at which the UEFI-MM Secure Partition runs) to a process running in the Non-Secure state, potentially exposing sensitive firmware or system data, and (2) an out-of-bounds write that corrupts Secure or Non-Secure memory, risking system stability and integrity; per the advisory, the write is limited to memory that the Secure Partition Manager has mapped into the UEFI-MM Secure Partition. The vulnerable code sits on the privileged firmware interface between the Secure and Non-Secure execution states of ARM-based Ampere processors. Although no exploits are currently reported in the wild, a local attacker or malicious software able to issue crafted SMC calls could exploit the flaw, possibly leading to privilege escalation or data leakage. The affected devices are commonly used in cloud and enterprise server environments, making this a significant infrastructure-security concern. Because no CVSS score has been assigned, severity must be assessed from the impact on confidentiality, integrity, and availability, the ease of exploitation, and the scope of affected systems. The vulnerability requires no user interaction but does require access to firmware interfaces, which may be limited to privileged users or processes. The potential impact on secure data confidentiality and system integrity justifies a high severity rating.
Potential Impact
For European organizations, the impact of CVE-2025-62862 could be substantial, especially for those relying on Ampere AmpereOne AC03, AC04, or M devices in data centers, cloud infrastructure, or critical enterprise systems. The out-of-bounds read vulnerability can lead to leakage of sensitive secure firmware or system information, undermining confidentiality guarantees of the secure execution environment. This could facilitate further attacks such as privilege escalation or extraction of cryptographic keys. The out-of-bounds write vulnerability risks corruption of secure or non-secure memory, potentially causing system instability, denial of service, or unauthorized code execution. Given the firmware-level nature of the flaw, exploitation could bypass many traditional security controls, making detection and mitigation more challenging. Organizations in sectors such as finance, telecommunications, government, and cloud service providers are at heightened risk due to the criticality of their infrastructure and the sensitivity of data processed. The vulnerability could also impact supply chain security and trust in secure boot and firmware integrity mechanisms. Without timely patching, attackers with local access or the ability to run code on affected devices could exploit this vulnerability to compromise system security.
Mitigation Recommendations
1. Immediately inventory and identify all Ampere AmpereOne AC03, AC04, and M devices in your environment and verify firmware versions.
2. Coordinate with Ampere or device vendors to obtain and apply firmware updates that address this vulnerability as soon as they become available.
3. Restrict access to firmware interfaces and SMC call capabilities to only trusted and authorized users or processes, minimizing the attack surface.
4. Implement strict privilege separation and monitoring on systems running affected devices to detect anomalous or unauthorized SMC calls.
5. Employ runtime integrity monitoring tools capable of detecting memory corruption or unusual firmware behavior.
6. For cloud or multi-tenant environments, isolate workloads to prevent cross-tenant exploitation of firmware vulnerabilities.
7. Review and harden secure boot and secure partition configurations to limit exposure of sensitive secure memory regions.
8. Engage in threat hunting and incident response readiness focused on firmware-level attacks and memory corruption indicators.
9. Maintain up-to-date backups and recovery plans to mitigate potential denial-of-service or corruption impacts.
10. Collaborate with Ampere support and security advisories to stay informed about emerging exploits or patches.
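Step 1 above reduces to comparing each device's firmware version against the first fixed release the advisory names per product family. The following inventory gate is an added example (not Ampere's code or this site's tooling); it assumes you have already collected model and firmware strings from your BMC or asset system, and the inventory rows below are constructed.

```python
"""Firmware-version gate for CVE-2025-62862 (added example, not vendor code)."""
import re

# First fixed firmware version per AmpereOne product family, per the advisory.
FIXED_VERSIONS = {
    "AC03": "3.5.9.3",
    "AC04": "4.4.5.2",
    "M": "5.4.5.1",
}


def parse_version(version: str) -> tuple:
    """Turn '3.5.9.3' (optionally 'v'-prefixed) into a tuple of ints so that
    3.5.10.0 sorts after 3.5.9.3, which a plain string compare would get wrong."""
    m = re.fullmatch(r"v?(\d+(?:\.\d+)*)", version.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version string: {version!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_affected(model: str, firmware_version: str) -> bool:
    """True if the device runs firmware older than the fixed release.
    Models not named in the advisory are reported as not affected."""
    fixed = FIXED_VERSIONS.get(model.strip().upper())
    if fixed is None:
        return False
    have, need = parse_version(firmware_version), parse_version(fixed)
    # Pad the shorter tuple with zeros so '5.4.4' compares as '5.4.4.0'.
    width = max(len(have), len(need))
    have += (0,) * (width - len(have))
    need += (0,) * (width - len(need))
    return have < need


def triage(inventory):
    """Return the (hostname, model, version) rows that still need the update."""
    return [row for row in inventory if is_affected(row[1], row[2])]


# Constructed inventory rows: (hostname, model, firmware version).
SAMPLE_INVENTORY = [
    ("node-a", "AC03", "3.5.9.2"),   # older than 3.5.9.3 -> affected
    ("node-b", "AC03", "3.5.10.0"),  # newer; numeric, not string, compare
    ("node-c", "AC04", "v4.4.5.2"),  # exactly the fixed release -> not affected
    ("node-d", "M", "5.4.6.0"),      # newer than 5.4.5.1 -> not affected
    ("node-e", "M", "5.4.4"),        # short string padded to 5.4.4.0 -> affected
]

if __name__ == "__main__":
    for host, model, ver in triage(SAMPLE_INVENTORY):
        print(f"{host}: AmpereOne {model} firmware {ver} needs {FIXED_VERSIONS[model]}")
```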
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Ireland, Italy
Technical Details
- Data Version: 5.2
- Assigner Short Name: mitre
- Date Reserved: 2025-10-24T00:00:00.000Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 694194749050fe8508060890
Added to database: 12/16/2025, 5:18:44 PM
Last enriched: 12/16/2025, 5:59:06 PM
Last updated: 12/18/2025, 5:00:54 AM