Description

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in (1) an out-of-bounds read which leaks Secure-EL0 information to a process running in Non-Secure state or (2) an out-of-bounds write which corrupts Secure or Non-Secure memory, limited to memory mapped to UEFI-MM Secure Partition by the Secure Partition Manager.

INFO

Published Date :

2025-12-16T00:00:00.000Z

Last Modified :

2025-12-17T18:51:40.780Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-62862 vulnerability.

Vendors Products
Amperecomputing
  • Ampereone A128-34x
  • Ampereone A128-34x Firmware
  • Ampereone A144-24x
  • Ampereone A144-24x Firmware
  • Ampereone A144-26m
  • Ampereone A144-26m Firmware
  • Ampereone A144-27x
  • Ampereone A144-27x Firmware
  • Ampereone A144-33m
  • Ampereone A144-33m Firmware
  • Ampereone A160-28m
  • Ampereone A160-28m Firmware
  • Ampereone A160-28x
  • Ampereone A160-28x Firmware
  • Ampereone A192-26m
  • Ampereone A192-26m Firmware
  • Ampereone A192-26x
  • Ampereone A192-26x Firmware
  • Ampereone A192-32m
  • Ampereone A192-32m Firmware
  • Ampereone A192-32x
  • Ampereone A192-32x Firmware
  • Ampereone A96-36m
  • Ampereone A96-36m Firmware
  • Ampereone A96-36x
  • Ampereone A96-36x Firmware
  • Amperone
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-62862.

URL Resource
https://amperecomputing.com/products/product-security cve-icon cve-icon
https://amperecomputing.com/products/security-bulletins/amp-sb-0007 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact