Skip to main content

CVE-2025-0037

| EUVDEUVD-2025-17611 MEDIUM
Improper Input Validation (CWE-20)
2025-06-10 psirt@amd.com
6.6
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.6 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 14, 2026 - 19:49 euvd
EUVD-2025-17611
Analysis Generated
Mar 14, 2026 - 19:49 vuln.today
CVE Published
Jun 10, 2025 - 00:15 nvd
MEDIUM 6.6

DescriptionCVE.org

In AMD Versal Adaptive SoC devices, the lack of address validation when executing PLM runtime services through the PLM firmware can allow access to isolated or protected memory spaces, resulting in the loss of integrity and confidentiality.

AnalysisAI

CVE-2025-0037 is a security vulnerability (CVSS 6.6) that allows access. Remediation should follow standard vulnerability management procedures.

Technical ContextAI

CWE-20 (Improper Input Validation).

RemediationAI

Monitor vendor channels for patch availability.

Share

CVE-2025-0037 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy