CVE-2025-62862

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-62862
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in (1) an out-of-bounds read which leaks Secure-EL0 information to a process running in Non-Secure state or (2) an out-of-bounds write which corrupts Secure or Non-Secure memory, limited to memory mapped to UEFI-MM Secure Partition by the Secure Partition Manager.

4.6 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.5 / Impact : 2.7

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact LOW

Scope CHANGED

References
Link Resource
https://amperecomputing.com/products/product-security Vendor Advisory
https://amperecomputing.com/products/security-bulletins/amp-sb-0007 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a192-32m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-32m:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a192-26m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-26m:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a160-28m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a160-28m:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a144-33m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-33m:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a144-26m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-26m:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a96-36m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a96-36m:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a96-36x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a96-36x:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a128-34x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a128-34x:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a144-24x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-24x:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a144-27x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-27x:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a160-28x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a160-28x:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a192-26x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-26x:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a192-26x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-26x:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a192-32x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-32x:-:*:*:*:*:*:*:*
History

31 Dec 2025, 00:28

Type Values Removed Values Added
First Time Amperecomputing ampereone A160-28m Firmware
Amperecomputing ampereone A160-28m
Amperecomputing ampereone A144-24x
Amperecomputing ampereone A192-32x
Amperecomputing ampereone A160-28x Firmware
Amperecomputing ampereone A144-26m
Amperecomputing ampereone A192-26m Firmware
Amperecomputing ampereone A96-36x Firmware
Amperecomputing
Amperecomputing ampereone A128-34x
Amperecomputing ampereone A192-26x Firmware
Amperecomputing ampereone A160-28x
Amperecomputing ampereone A144-33m
Amperecomputing ampereone A96-36m Firmware
Amperecomputing ampereone A192-26m
Amperecomputing ampereone A144-26m Firmware
Amperecomputing ampereone A144-27x Firmware
Amperecomputing ampereone A96-36m
Amperecomputing ampereone A144-27x
Amperecomputing ampereone A192-26x
Amperecomputing ampereone A96-36x
Amperecomputing ampereone A192-32m
Amperecomputing ampereone A128-34x Firmware
Amperecomputing ampereone A144-24x Firmware
Amperecomputing ampereone A192-32x Firmware
Amperecomputing ampereone A192-32m Firmware
Amperecomputing ampereone A144-33m Firmware
CPE cpe:2.3:o:amperecomputing:ampereone_a144-33m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a144-24x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a192-26x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-26m:-:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a144-26m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a192-32x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-33m:-:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-32x:-:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a192-26m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a128-34x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-24x:-:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a160-28x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a96-36m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-27x:-:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a192-32m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a160-28x:-:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a160-28m:-:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a128-34x:-:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a96-36x:-:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a144-27x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-26m:-:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a160-28m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a96-36x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-26x:-:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a96-36m:-:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-32m:-:*:*:*:*:*:*:*
References () https://amperecomputing.com/products/product-security - () https://amperecomputing.com/products/product-security - Vendor Advisory
References () https://amperecomputing.com/products/security-bulletins/amp-sb-0007 - () https://amperecomputing.com/products/security-bulletins/amp-sb-0007 - Vendor Advisory

17 Dec 2025, 19:16

Type Values Removed Values Added
CWE CWE-125
CWE-787
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 4.6

16 Dec 2025, 17:16

Type Values Removed Values Added
New CVE
Information

Published : 2025-12-16 17:16

Updated : 2025-12-31 00:28

NVD link : CVE-2025-62862

Mitre link : CVE-2025-62862

CVE.ORG link : CVE-2025-62862

JSON object : View

Products Affected

amperecomputing

  • ampereone_a96-36m
  • ampereone_a160-28m_firmware
  • ampereone_a160-28x
  • ampereone_a192-32m
  • ampereone_a96-36m_firmware
  • ampereone_a128-34x_firmware
  • ampereone_a144-24x
  • ampereone_a192-26x_firmware
  • ampereone_a144-27x_firmware
  • ampereone_a160-28m
  • ampereone_a192-26m_firmware
  • ampereone_a144-26m
  • ampereone_a144-24x_firmware
  • ampereone_a96-36x
  • ampereone_a128-34x
  • ampereone_a96-36x_firmware
  • ampereone_a192-32m_firmware
  • ampereone_a192-32x
  • ampereone_a160-28x_firmware
  • ampereone_a192-26m
  • ampereone_a192-32x_firmware
  • ampereone_a144-33m_firmware
  • ampereone_a144-26m_firmware
  • ampereone_a192-26x
  • ampereone_a144-27x
  • ampereone_a144-33m
CWE
CWE-125

Out-of-bounds Read

CWE-787

Out-of-bounds Write