CVE-2025-48517

2026-02-10 [email protected]

Lifecycle Timeline

2

Analysis Generated

Mar 12, 2026 - 22:02 vuln.today

CVE Published

Feb 10, 2026 - 20:16 nvd

N/A

Description

Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality.

Analysis

Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality.

Technical Context

Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality.

Affected Products

Insufficient Granularity of Access Control in SEV firmware could

Remediation

Monitor vendor advisories for a patch.

Priority Score

0

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +0

POC: 0

Share

CVE-2025-48517 vulnerability details – vuln.today

Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy

CVE-2025-48517

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code