AI description
CVE-2025-62626 affects AMD Zen 5 processors and involves a flaw in the RDSEED instruction, which is used for generating cryptographically secure random numbers. The vulnerability stems from improper handling of insufficient entropy, causing the RDSEED instruction to sometimes return a zero value while incorrectly signaling success. This can lead software to believe it has received a valid random number when it has actually obtained a predictable zero value. The issue impacts the 16-bit and 32-bit forms of the RDSEED instruction. This can result in weak encryption keys, predictable authentication tokens, or compromised security protocols because applications may consume insufficiently random values. A local attacker could potentially influence the values returned by RDSEED, further degrading randomness quality. AMD plans to release microcode patches to address this vulnerability.
- Description
- Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence the values returned by the RDSEED instruction, potentially resulting in the consumption of insufficiently random values.
- Source
- psirt@amd.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 7.2
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
- psirt@amd.com
- CWE-333
- Hype score
- Not currently trending
CVE-2025-62626 Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence the values returned by the RDSEED instruction, potentially resulti… https://t.co/UevJsQuJAw
@CVEnew
21 Nov 2025
253 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Ryzen 9000シリーズなどZen 5 CPUに脆弱性・不具合。BIOSアップデートで修正予定。EPYCも影響。『CVE-2025-62626』 | ニッチなPCゲーマーの環境構築Z https://t.co/gHC9XYPdlv
@44104415
9 Nov 2025
11 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
RDSEED Failure on AMD “Zen 5” Processors (CVE-2025-62626) https://t.co/Tktzp3zqeZ #patchmanagement
@eyalestrin
5 Nov 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
AMD确认所有Zen 5处理器存在严重漏洞 AMD已确认一个影响其整个Zen 5架构处理器产品线的高严重性漏洞,包括热门的Ryzen 9000系列、Threadripper和EPYC服务器芯片。该漏洞被指定为AMD-SB-7055,追踪编号为CVE-2025-62626,它危
@APPDOTG
5 Nov 2025
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
あら、うちのRayzen7 9800x3dも対象か〜 Ryzen 9000シリーズなどZen 5 CPUに脆弱性・不具合。BIOSアップデートで修正予定。EPYCも影響。『CVE-2025-62626』 | ニッチなPCゲーマーの環境構築Z https://t.co/GVoim6TYtp
@Palma1234567890
5 Nov 2025
204 Impressions
1 Retweet
10 Likes
0 Bookmarks
1 Reply
0 Quotes
Ryzen 9000シリーズなどZen 5 CPUに脆弱性・不具合。BIOSアップデートで修正予定。EPYCも影響。『CVE-2025-62626』 | ニッチなPCゲーマーの環境構築Z https://t.co/UJ6erPWHjY
@Kuroneko_353
5 Nov 2025
189 Impressions
1 Retweet
10 Likes
0 Bookmarks
0 Replies
0 Quotes
Ryzen 9000シリーズなどZen 5 CPUに脆弱性・不具合。BIOSアップデートで修正予定。EPYCも影響。『CVE-2025-62626』 | ニッチなPCゲーマーの環境構築Z https://t.co/i03za6Xyfi
@rayfill
4 Nov 2025
496 Impressions
4 Retweets
5 Likes
0 Bookmarks
0 Replies
0 Quotes
AMDの最新CPU「Zen 5」に暗号の根幹を揺るがす欠陥が発覚した。乱数生成命令「RDSEED」が誤動作し、成功を示しながらゼロ値を返す可能性があるという。 この脆弱性(CVE-2025-62626、CVSS
@yousukezan
4 Nov 2025
23342 Impressions
108 Retweets
228 Likes
56 Bookmarks
0 Replies
9 Quotes