CVE-2025-62864

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-62864
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM MMCommunicate service that could result in an out-of-bounds write within the UEFI-MM Secure Partition context.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://amperecomputing.com/products/product-security Vendor Advisory
https://amperecomputing.com/products/security-bulletins/amp-sb-0007 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a192-32m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-32m:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a192-26m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-26m:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a160-28m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a160-28m:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a144-33m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-33m:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a144-26m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-26m:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a96-36m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a96-36m:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a96-36x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a96-36x:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a128-34x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a128-34x:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a144-24x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-24x:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a144-27x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-27x:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a160-28x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a160-28x:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a192-26x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-26x:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a192-26x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-26x:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:amperecomputing:ampereone_a192-32x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-32x:-:*:*:*:*:*:*:*
History

13 Jan 2026, 20:58

Type Values Removed Values Added
References () https://amperecomputing.com/products/product-security - () https://amperecomputing.com/products/product-security - Vendor Advisory
References () https://amperecomputing.com/products/security-bulletins/amp-sb-0007 - () https://amperecomputing.com/products/security-bulletins/amp-sb-0007 - Vendor Advisory
First Time Amperecomputing ampereone A160-28m Firmware
Amperecomputing ampereone A160-28m
Amperecomputing ampereone A144-24x
Amperecomputing ampereone A192-32x
Amperecomputing ampereone A160-28x Firmware
Amperecomputing ampereone A144-26m
Amperecomputing ampereone A192-26m Firmware
Amperecomputing ampereone A96-36x Firmware
Amperecomputing
Amperecomputing ampereone A128-34x
Amperecomputing ampereone A192-26x Firmware
Amperecomputing ampereone A160-28x
Amperecomputing ampereone A144-33m
Amperecomputing ampereone A96-36m Firmware
Amperecomputing ampereone A192-26m
Amperecomputing ampereone A144-26m Firmware
Amperecomputing ampereone A144-27x Firmware
Amperecomputing ampereone A96-36m
Amperecomputing ampereone A144-27x
Amperecomputing ampereone A192-26x
Amperecomputing ampereone A96-36x
Amperecomputing ampereone A192-32m
Amperecomputing ampereone A128-34x Firmware
Amperecomputing ampereone A144-24x Firmware
Amperecomputing ampereone A192-32x Firmware
Amperecomputing ampereone A192-32m Firmware
Amperecomputing ampereone A144-33m Firmware
CPE cpe:2.3:o:amperecomputing:ampereone_a144-33m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a144-24x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a192-26x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-26m:-:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a144-26m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a192-32x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-33m:-:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-32x:-:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a192-26m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a128-34x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-24x:-:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a160-28x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a96-36m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a144-27x:-:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a192-32m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a160-28x:-:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a160-28m:-:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a128-34x:-:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a96-36x:-:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a144-27x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-26m:-:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a160-28m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:amperecomputing:ampereone_a96-36x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-26x:-:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a96-36m:-:*:*:*:*:*:*:*
cpe:2.3:h:amperecomputing:ampereone_a192-32m:-:*:*:*:*:*:*:*

17 Dec 2025, 15:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8
CWE CWE-787

16 Dec 2025, 18:16

Type Values Removed Values Added
New CVE
Information

Published : 2025-12-16 18:16

Updated : 2026-01-13 20:58

NVD link : CVE-2025-62864

Mitre link : CVE-2025-62864

CVE.ORG link : CVE-2025-62864

JSON object : View

Products Affected

amperecomputing

  • ampereone_a96-36m
  • ampereone_a160-28m_firmware
  • ampereone_a160-28x
  • ampereone_a192-32m
  • ampereone_a96-36m_firmware
  • ampereone_a128-34x_firmware
  • ampereone_a144-24x
  • ampereone_a192-26x_firmware
  • ampereone_a144-27x_firmware
  • ampereone_a160-28m
  • ampereone_a192-26m_firmware
  • ampereone_a144-26m
  • ampereone_a144-24x_firmware
  • ampereone_a96-36x
  • ampereone_a128-34x
  • ampereone_a96-36x_firmware
  • ampereone_a192-32m_firmware
  • ampereone_a192-32x
  • ampereone_a160-28x_firmware
  • ampereone_a192-26m
  • ampereone_a192-32x_firmware
  • ampereone_a144-33m_firmware
  • ampereone_a144-26m_firmware
  • ampereone_a192-26x
  • ampereone_a144-27x
  • ampereone_a144-33m
CWE
CWE-787

Out-of-bounds Write