Question 1

What is CVE-2025-54502 — CVE-2025-54502?

Accepted Answer

Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.

Question 2

What is the authoritative source for CVE-2025-54502?

Accepted Answer

CVE-2025-54502 (CVE-2025-54502) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	7.5 ()
Vector	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Last modified	2026-06-30

CVE-2025-54502CVE-2025-54502

Description

Scoring