CVE-2025-62619

Description

Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality.

References

• https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-9023.html