Skip to main content

SEV CVE-2025-48514

Insufficient Granularity of Access Control (CWE-1220)
2026-02-10 psirt@amd.com

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 22:02 vuln.today
CVE Published
Feb 10, 2026 - 20:16 nvd
N/A

DescriptionCVE.org

Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality.

Analysis

Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality.

Technical ContextAI

Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality.

Affected ProductsAI

Insufficient Granularity of Access Control in SEV firmware can

RemediationAI

Monitor vendor advisories for a patch.

Share

CVE-2025-48514 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy