CVE-2025-54515 LOW

CVE-2025-54515

Weakness CWE-1284
Published November 23, 2025
Last update December 19, 2025

CVSS base score

1.0/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

What the vulnerability does

01Description

The Secure Flag passed to Versal™ Adaptive SoC’s Trusted Firmware for Cortex®-A processors (TF-A) for Arm’s Power State Coordination Interface (PSCI) commands were incorrectly set to secure instead of using the processor’s actual security state. This would allow the PSCI requests to appear they were from processors in the secure state instead of the non-secure state.

Key dates

02Disclosure timeline

November 23, 2025 CVE published
December 19, 2025 Record updated