CVE-2025-61972

Vulnerability Description

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest's confidentiality and integrity.

Related Weaknesses (CWE)

CWE-1233

References

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html

FAQ

What is CVE-2025-61972?

CVE-2025-61972 is a documented vulnerability. Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution...

How severe is CVE-2025-61972?

CVSS scoring is not yet available for CVE-2025-61972. Check NVD for updates.

Is there a patch for CVE-2025-61972?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.