CVE-2025-29951

A buffer overflow in the AMD Secure Processor (ASP) bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution.

CVSS

No CVSS.

References

Link	Resource
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Un desbordamiento de búfer en el bootloader del AMD Secure Processor (ASP) podría permitir a un atacante sobrescribir memoria, lo que podría resultar en escalada de privilegios y ejecución de código arbitrario.

10 Feb 2026, 20:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-10 20:16

Updated : 2026-04-15 00:35

NVD link : CVE-2025-29951

Mitre link : CVE-2025-29951

CVE.ORG link : CVE-2025-29951

JSON object : View

Products Affected

No product.

CWE

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2025-29951", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "psirt@amd.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.3, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-02-10T20:16:44.630", "references": [{"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html", "source": "psirt@amd.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "psirt@amd.com", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "A buffer overflow in the AMD Secure Processor (ASP) bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en el bootloader del AMD Secure Processor (ASP) podr\u00eda permitir a un atacante sobrescribir memoria, lo que podr\u00eda resultar en escalada de privilegios y ejecuci\u00f3n de c\u00f3digo arbitrario."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "psirt@amd.com"}

CVE-2025-29951

JSON object

Attach tags to CVE-2025-29951

Attach tags to `CVE-2025-29951`