CVE-2025-62862

Published: Dec 16, 2025

Modified: Dec 17, 2025

PUBLISHED

Description

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in (1) an out-of-bounds read which leaks Secure-EL0 information to a process running in Non-Secure state or (2) an out-of-bounds write which corrupts Secure or Non-Secure memory, limited to memory mapped to UEFI-MM Secure Partition by the Secure Partition Manager.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://amperecomputing.com/products/product-security

https://amperecomputing.com/products/security-bulletins/amp-sb-0007

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-62862

Description

Affected Products

References