CVE-2025-62864 | Ampere AmpereOne AC03/AmpereOne AC04/AmpereOne M prior 3.5.9.3/4.4.5.2/5.4.5.1 UEFI-MM MMCommunicate Service out-of-bounds write

A vulnerability was found in Ampere AmpereOne AC03, AmpereOne AC04 and AmpereOne M and classified as critical. The affected element is an unknown function of the component UEFI-MM MMCommunicate Service. Such manipulation leads to out-of-bounds write.

This vulnerability is traded as CVE-2025-62864. Access to the local network is required for this attack to succeed. There is no exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More