AMD EPYC 9005 CPUs: Guest Data Exposure by Authorized Users

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.9

AMD EPYC 9005 CPUs: Guest Data Exposure by Authorized Users

CVE-2025-54510

Summary

A security issue in AMD EPYC 9005 Series CPUs could allow a user with certain privileges to access sensitive data in a virtual environment. This could potentially happen when a user with authorized access attempts to access another user's virtual environment. Affected users should update their systems to the latest firmware and follow best practices for secure virtualization.

Original title

A missing lock verification in AMD Secure Processor (ASP) firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based products, pot...

Original description

nvd CVSS4.0 5.9

Vulnerability type

CWE-414

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3034.html

Published: 16 Apr 2026 · Updated: 17 Apr 2026 · First seen: 16 Apr 2026