Skip to main content

Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

© 2026 Mondoo, Inc.

Log in Get Assessment

Vulnerability IntelligenceCVE-2025-29952

CVE-2025-29952

MEDIUM5.9

Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity

Published Feb 10, 2026

Modified 1 months ago

Details

Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity

References

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html

https://www.cve.org/CVERecord?id=CVE-2025-29952

CVSS Analysis

CVSS v4.0

5.9

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Attack Requirements

NoneAT:N

Privileges Required

HighPR:H

User Interaction

NoneUI:N

Vulnerable System

Vuln. Confidentiality

NoneVC:N

Vuln. Integrity

NoneVI:N

Vuln. Availability

NoneVA:N

Subsequent System

Subseq. Confidentiality

NoneSC:N

Subseq. Integrity

HighSI:H

Subseq. Availability

NoneSA:N

5.9/CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N

Weakness Type (CWE)

Other

Ecosystems

Timeline

PublishedFeb 10, 2026

ModifiedFeb 10, 2026

CVE-2025-29952 | Mondoo Vulnerability Intelligence