exploitDog

CVE-2025-9612

Опубликовано: 09 дек. 2025

Источник: nvd

CVSS3: 5.1

EPSS Низкий

Описание

An issue was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on Transaction Layer Packet (TLP) ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical attackers on the PCIe bus to violate data integrity protections.

Ссылки

https://pcisig.com/PCIeIDEStandardVulnerabilities
Vendor Advisory
https://pcisig.com/specifications
Product
https://kb.cert.org/vuls/id/404544
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pcisig:pci_express_integrity_and_data_encryption:-:*:*:*:*:*:*:*

EPSS

Процентиль: 1%

0.0001

Низкий

5.1 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-g6rm-vh26-9g98

CVSS3: 5.1

github

около 2 месяцев назад

An issue was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on Transaction Layer Packet (TLP) ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical attackers on the PCIe bus to violate data integrity protections.

EPSS

Процентиль: 1%

0.0001

Низкий

5.1 Medium

CVSS3

Дефекты

NVD-CWE-noinfo