CVE-2025-52536 — Improper Prevention of Lock Bit Modification in Amd64-microcode

CWE-1231 — Improper Prevention of Lock Bit Modification5 documents5 sources

Severity

6.7MEDIUMNVD

EPSS

0.0%

top 95.46%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Amd64-microcode

Timeline

PublishedFeb 10

Description

Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Packages1 packages

▶debiandebian/amd64-microcode

🔴Vulnerability Details

OSV

CVE-2025-52536: Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss o↗2026-02-10

▶

GHSA

GHSA-546x-462h-qqw8: Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss o↗2026-02-10

▶

📋Vendor Advisories

Debian

CVE-2025-52536: amd64-microcode - Improper Prevention of Lock Bit Modification in SEV firmware could allow a privi...↗2025

▶

🕵️Threat Intelligence

Wiz

CVE-2025-52536 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶