Description
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity.
Published: 2026-05-13
Score: 5.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from the absence of lock‑bit protection on NBIO registers, allowing a local administrator to alter MMIO routing configurations. Altering these routes can compromise the integrity of SEV‑SNP guests, potentially exposing sensitive data or allowing further privilege escalation within the virtualized environment.

Affected Systems

AMD EPYC 7003, 8004, 9004, 9005 series processors and embedded variants (including former code names Genoa, Bergamo, and 9004 Embedded).

Risk and Exploitability

The CVSS score of 5.9 indicates moderate severity, and no EPSS data is currently available; the vulnerability is not listed in CISA KEV. Exploitation requires local admin rights and access to the platform’s NBIO registers, meaning the attack vector is local and requires privileged execution. An attacker who succeeds could re‑route memory accesses to bypass SEV‑SNP protection, leading to data corruption or leakage.

Generated by OpenCVE AI on May 13, 2026 at 04:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any AMD firmware patch that implements lock‑bit protection for NBIO registers
  • Limit local administrator privileges and enforce least‑privilege principles to prevent unauthorized MMIO changes
  • Deploy runtime monitoring of MMIO routing and validate SEV‑SNP guest integrity logs for anomalous behavior

Generated by OpenCVE AI on May 13, 2026 at 04:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 13 May 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 13 May 2026 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Amd
Amd epyc 7003 Series Processors
Amd epyc 8004 Series Processors
Amd epyc 9004 Series Processors
Amd epyc 9005 Series Processors
Amd epyc Embedded 7003 Series Processors
Amd epyc Embedded 8004 Series Processors
Amd epyc Embedded 9004 Series Processors
Amd epyc Embedded 9005 Series Processors
Vendors & Products Amd
Amd epyc 7003 Series Processors
Amd epyc 8004 Series Processors
Amd epyc 9004 Series Processors
Amd epyc 9005 Series Processors
Amd epyc Embedded 7003 Series Processors
Amd epyc Embedded 8004 Series Processors
Amd epyc Embedded 9004 Series Processors
Amd epyc Embedded 9005 Series Processors

Wed, 13 May 2026 04:30:00 +0000

Type Values Removed Values Added
Title Insufficient Lock‑Bit Protection Enabling Unauthorized MMIO Routing Modification

Wed, 13 May 2026 03:30:00 +0000

Type Values Removed Values Added
Description Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity.
Weaknesses CWE-1233
References
Metrics cvssV4_0

{'score': 5.9, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N'}

Subscriptions

Amd Epyc 7003 Series Processors Epyc 8004 Series Processors Epyc 9004 Series Processors Epyc 9005 Series Processors Epyc Embedded 7003 Series Processors Epyc Embedded 8004 Series Processors Epyc Embedded 9004 Series Processors Epyc Embedded 9005 Series Processors
cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published:

Updated: 2026-05-13T14:37:35.830Z

Reserved: 2025-10-04T18:09:57.018Z

Link: CVE-2025-61971

cve-icon Vulnrichment

Updated: 2026-05-13T14:37:33.127Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-13T04:17:31.187

Modified: 2026-05-13T14:49:11.830

Link: CVE-2025-61971

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-13T10:34:59Z

Weaknesses