CVE-2025-52534Improper Validation of Specified Quantity in Input in Amd64-microcode

CWE-1284Improper Validation of Specified Quantity in Input5 documents5 sources
Severity
5.3MEDIUMNVD
EPSS
0.1%
top 68.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Debian Amd64-microcode
Timeline
PublishedFeb 10

Description

Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, potentially resulting in loss of integrity.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N

Affected Packages1 packages

🔴Vulnerability Details

2
OSV
CVE-2025-52534: Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, potentially resulting in loss of integrity2026-02-10
GHSA
GHSA-633w-44jw-wrp4: Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, potentially resulting in loss of integrity2026-02-10

📋Vendor Advisories

1
Debian
CVE-2025-52534: amd64-microcode - Improper bound check within AMD CPU microcode can allow a malicious guest to wri...2025

🕵️Threat Intelligence

1
Wiz
CVE-2025-52534 Impact, Exploitability, and Mitigation Steps | Wiz