Join the Cyber Forum: Threat Intel on May 12, 2026 to learn how AI is reshaping threat defense.Join the Virtual Cyber Forum: Threat IntelRegister Now
Experiencing a Breach?Blog
Get StartedContact Us
SentinelOne
  • Platform
    Platform Overview
    • Singularity Platform
      Welcome to Integrated Enterprise Security
    • AI for Security
      Leading the Way in AI-Powered Security Solutions
    • Securing AI
      Accelerate AI Adoption with Secure AI Tools, Apps, and Agents.
    • How It Works
      The Singularity XDR Difference
    • Singularity Marketplace
      One-Click Integrations to Unlock the Power of XDR
    • Pricing & Packaging
      Comparisons and Guidance at a Glance
    Data & AI
    • Purple AI
      Accelerate SecOps with Generative AI
    • Singularity Hyperautomation
      Easily Automate Security Processes
    • AI-SIEM
      The AI SIEM for the Autonomous SOC
    • AI Data Pipelines
      Security Data Pipeline for AI SIEM and Data Optimization
    • Singularity Data Lake
      AI-Powered, Unified Data Lake
    • Singularity Data Lake for Log Analytics
      Seamlessly Ingest Data from On-Prem, Cloud or Hybrid Environments
    Endpoint Security
    • Singularity Endpoint
      Autonomous Prevention, Detection, and Response
    • Singularity XDR
      Native & Open Protection, Detection, and Response
    • Singularity RemoteOps Forensics
      Orchestrate Forensics at Scale
    • Singularity Threat Intelligence
      Comprehensive Adversary Intelligence
    • Singularity Vulnerability Management
      Application & OS Vulnerability Management
    • Singularity Identity
      Identity Threat Detection and Response
    Cloud Security
    • Singularity Cloud Security
      Block Attacks with an AI-Powered CNAPP
    • Singularity Cloud Native Security
      Secure Cloud and Development Resources
    • Singularity Cloud Workload Security
      Real-Time Cloud Workload Protection Platform
    • Singularity Cloud Data Security
      AI-Powered Threat Detection for Cloud Storage
    • Singularity Cloud Security Posture Management
      Detect and Remediate Cloud Misconfigurations
    Securing AI
    • Prompt Security
      Secure AI Tools Across Your Enterprise
  • Why SentinelOne?
    Why SentinelOne?
    • Why SentinelOne?
      Cybersecurity Built for What’s Next
    • Our Customers
      Trusted by the World’s Leading Enterprises
    • Industry Recognition
      Tested and Proven by the Experts
    • About Us
      The Industry Leader in Autonomous Cybersecurity
    Compare SentinelOne
    • Arctic Wolf
    • Broadcom
    • CrowdStrike
    • Cybereason
    • Microsoft
    • Palo Alto Networks
    • Sophos
    • Splunk
    • Trellix
    • Trend Micro
    • Wiz
    Verticals
    • Energy
    • Federal Government
    • Finance
    • Healthcare
    • Higher Education
    • K-12 Education
    • Manufacturing
    • Retail
    • State and Local Government
  • Services
    Managed Services
    • Managed Services Overview
      Wayfinder Threat Detection & Response
    • Threat Hunting
      World-Class Expertise and Threat Intelligence
    • Managed Detection & Response
      24/7/365 Expert MDR Across Your Entire Environment
    • Incident Readiness & Response
      DFIR, Breach Readiness, & Compromise Assessments
    Support, Deployment, & Health
    • Technical Account Management
      Customer Success with Personalized Service
    • SentinelOne GO
      Guided Onboarding & Deployment Advisory
    • SentinelOne University
      Live and On-Demand Training
    • Services Overview
      Comprehensive Solutions for Seamless Security Operations
    • SentinelOne Community
      Community Login
  • Partners
    Our Network
    • MSSP Partners
      Succeed Faster with SentinelOne
    • Singularity Marketplace
      Extend the Power of S1 Technology
    • Cyber Risk Partners
      Enlist Pro Response and Advisory Teams
    • Technology Alliances
      Integrated, Enterprise-Scale Solutions
    • SentinelOne for AWS
      Hosted in AWS Regions Around the World
    • Channel Partners
      Deliver the Right Solutions, Together
    • SentinelOne for Google Cloud
      Unified, Autonomous Security Giving Defenders the Advantage at Global Scale
    • Partner Locator
      Your Go-to Source for Our Top Partners in Your Region
    Partner Portal→
  • Resources
    Resource Center
    • Case Studies
    • Data Sheets
    • eBooks
    • Reports
    • Videos
    • Webinars
    • Whitepapers
    • Events
    View All Resources→
    Blog
    • Feature Spotlight
    • For CISO/CIO
    • From the Front Lines
    • Identity
    • Cloud
    • macOS
    • SentinelOne Blog
    Blog→
    Tech Resources
    • SentinelLABS
    • Ransomware Anthology
    • Cybersecurity 101
  • About
    About SentinelOne
    • About SentinelOne
      The Industry Leader in Cybersecurity
    • Investor Relations
      Financial Information & Events
    • SentinelLABS
      Threat Research for the Modern Threat Hunter
    • Careers
      The Latest Job Opportunities
    • Press & News
      Company Announcements
    • Cybersecurity Blog
      The Latest Cybersecurity Threats, News, & More
    • FAQ
      Get Answers to Our Most Frequently Asked Questions
    • DataSet
      The Live Data Platform
    • S Foundation
      Securing a Safer Future for All
    • S Ventures
      Investing in the Next Generation of Security, Data and AI
  • Pricing
Get StartedContact Us
CVE Vulnerability Database
Vulnerability Database/CVE-2025-29949

CVE-2025-29949: AMD Secure Processor DoS Vulnerability

CVE-2025-29949 is a denial of service flaw in AMD Secure Processor Boot Loader (legacy recovery mode) that allows attackers to corrupt Secure DRAM through out-of-bounds writes. This article covers technical details, impact, and fixes.

Published: February 13, 2026

CVE-2025-29949 Overview

CVE-2025-29949 is an out-of-bounds write vulnerability affecting the AMD Secure Processor (ASP) Boot Loader when operating in legacy recovery mode. The vulnerability stems from insufficient input parameter sanitization, which allows an attacker with local access to write beyond intended memory boundaries and corrupt Secure DRAM. This memory corruption can potentially result in denial of service conditions affecting the system's secure boot process.

Critical Impact

Local attackers with low-level system access can corrupt Secure DRAM through out-of-bounds writes in AMD Secure Processor Boot Loader legacy recovery mode, potentially causing denial of service.

Affected Products

  • AMD Secure Processor (ASP) Boot Loader (legacy recovery mode)
  • AMD systems utilizing ASP Boot Loader with legacy recovery functionality

Discovery Timeline

  • 2026-02-10 - CVE-2025-29949 published to NVD
  • 2026-02-10 - Last updated in NVD database

Technical Details for CVE-2025-29949

Vulnerability Analysis

This vulnerability is classified under CWE-787 (Out-of-Bounds Write), a memory corruption weakness that occurs when software writes data past the end, or before the beginning, of an intended buffer. In the context of CVE-2025-29949, the AMD Secure Processor Boot Loader fails to properly sanitize input parameters when operating in legacy recovery mode.

The AMD Secure Processor (ASP) is a dedicated security coprocessor embedded in AMD CPUs that handles sensitive cryptographic operations and secure boot validation. The Boot Loader component is responsible for initializing the secure environment and loading subsequent firmware components. When the system enters legacy recovery mode, the Boot Loader processes input parameters that, due to insufficient validation, can be manipulated to trigger writes outside the designated Secure DRAM boundaries.

The exploitation requires local access to the target system with low privileges. While the attack complexity is low, the impact is constrained to availability disruption through memory corruption. The vulnerability does not appear to enable confidentiality or integrity breaches based on the available analysis.

Root Cause

The root cause of CVE-2025-29949 lies in inadequate input parameter sanitization within the ASP Boot Loader code path specifically triggered during legacy recovery mode operations. When processing certain input parameters, the Boot Loader fails to validate that the resulting memory write operations remain within the bounds of allocated Secure DRAM regions. This missing boundary check allows crafted inputs to cause the processor to write data to unintended memory locations, corrupting the secure memory space.

Attack Vector

The attack vector is local, requiring the attacker to have direct access to the vulnerable system. The exploitation scenario involves:

  1. An attacker with local access and low-level privileges targets a system with an AMD processor containing the vulnerable ASP Boot Loader
  2. The attacker triggers the legacy recovery mode functionality, potentially through specific system states or boot configurations
  3. Malicious input parameters are passed to the Boot Loader that exploit the insufficient sanitization
  4. The unsanitized parameters cause the Boot Loader to perform out-of-bounds write operations
  5. Secure DRAM is corrupted, potentially causing the system to become unresponsive or fail secure boot validation

The vulnerability specifically manifests only when the ASP Boot Loader operates in legacy recovery mode, limiting the attack surface to scenarios where this mode is actively engaged. Technical details regarding specific parameter manipulation techniques should be referenced in the AMD Security Bulletin #4013.

Detection Methods for CVE-2025-29949

Indicators of Compromise

  • Unexpected system crashes or reboots during boot sequences, particularly when recovery mode is involved
  • Secure boot validation failures without clear configuration changes
  • Anomalous behavior during AMD Secure Processor initialization phases
  • System logs indicating memory corruption or ASP-related errors

Detection Strategies

  • Monitor system event logs for unexpected ASP Boot Loader errors or recovery mode activations
  • Implement firmware integrity verification to detect unauthorized modifications to boot components
  • Deploy hardware-level monitoring for secure enclave anomalies where available
  • Utilize SentinelOne's endpoint detection capabilities to identify unusual boot-time behavior patterns

Monitoring Recommendations

  • Enable verbose logging for firmware and boot processes to capture ASP-related events
  • Establish baseline behavior for system boot sequences to identify deviations
  • Configure alerts for repeated recovery mode activations which may indicate exploitation attempts
  • Monitor for denial of service conditions that correlate with boot or recovery operations

How to Mitigate CVE-2025-29949

Immediate Actions Required

  • Review the AMD Security Bulletin #4013 for vendor-specific guidance and affected product lists
  • Inventory systems with AMD processors to identify potentially vulnerable deployments
  • Apply firmware updates from AMD or system vendors as they become available
  • Restrict physical and local access to critical systems to reduce attack surface
  • Implement defense-in-depth strategies to limit the impact of potential exploitation

Patch Information

AMD has published Security Bulletin #4013 addressing this vulnerability. Organizations should consult the AMD Security Bulletin #4013 for detailed patch information, affected processor models, and updated firmware versions. Firmware updates should be applied through system vendor channels (OEM BIOS/UEFI updates) as ASP firmware is typically distributed as part of platform firmware packages.

Workarounds

  • Limit local access to affected systems to trusted administrators only
  • Disable legacy recovery mode functionality if not operationally required and if such configuration is supported
  • Implement physical security controls to prevent unauthorized local access
  • Monitor for and alert on recovery mode activation events as a compensating control

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

  • Vulnerability Details
  • TypeDOS
  • Vendor/TechAmd Secure Processor
  • SeverityMEDIUM
  • CVSS Score4.8
  • EPSS Probability0.01%
  • Known ExploitedNo
  • CVSS Vector
  • CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Impact Assessment
  • ConfidentialityLow
  • IntegrityNone
  • AvailabilityLow
  • CWE References
  • CWE-787
  • Technical References
  • AMD Security Bulletin #4013
  • Related CVEs
  • CVE-2023-31323: AMD Secure Processor Type Confusion Flaw
  • CVE-2023-20548: AMD Secure Processor Race Vulnerability
  • CVE-2023-20514: AMD Secure Processor RCE Vulnerability
  • CVE-2021-26410: AMD Secure Processor Info Disclosure Bug
Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the World’s Most Advanced Cybersecurity Platform

See how our intelligent, autonomous cybersecurity platform can protect your organization now and into the future.

Try SentinelOne
  • Get Started
  • Get a Demo
  • Product Tour
  • Why SentinelOne
  • Pricing & Packaging
  • FAQ
  • Contact
  • Contact Us
  • Customer Support
  • SentinelOne Status
  • Language
  • Platform
  • Singularity Platform
  • Singularity Endpoint
  • Singularity Cloud
  • Singularity AI-SIEM
  • Singularity Identity
  • Singularity Marketplace
  • Purple AI
  • Services
  • Wayfinder TDR
  • SentinelOne GO
  • Technical Account Management
  • Support Services
  • Verticals
  • Energy
  • Federal Government
  • Finance
  • Healthcare
  • Higher Education
  • K-12 Education
  • Manufacturing
  • Retail
  • State and Local Government
  • Cybersecurity for SMB
  • Resources
  • Blog
  • Labs
  • Case Studies
  • Videos
  • Product Tours
  • Events
  • Cybersecurity 101
  • eBooks
  • Webinars
  • Whitepapers
  • Press
  • News
  • Ransomware Anthology
  • Company
  • About Us
  • Our Customers
  • Careers
  • Partners
  • Legal & Compliance
  • Security & Compliance
  • Investor Relations
  • S Foundation
  • S Ventures

©2026 SentinelOne, All Rights Reserved.

Privacy Notice Terms of Use

English