CVE-2025-54515
Description
The Secure Flag passed to Versal™ Adaptive SoC’s Trusted Firmware for Cortex®-A processors (TF-A) for Arm’s Power State Coordination Interface (PSCI) commands were incorrectly set to secure instead of using the processor’s actual security state. This would allow the PSCI requests to appear they were from processors in the secure state instead of the non-secure state.
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2025-54515? +
How do I check if I'm vulnerable to CVE-2025-54515? +
Related Vulnerabilities
Incorrect authentication vulnerability in ParkingDoor. Through this vulnerability it is possible to operate the device without the access being logged …
A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows …
Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access …
Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Authentication Bypass.This issue affects Self Service Password Reset from …
N-central < 2025.4 can generate sessionIDs for unauthenticated users This issue affects N-central: before 2025.4.
The security state of the calling processor into Trusted Firmware (TF-A) is not used and could potentially allow non-secure processors …