CVE-2025-9613_CVE-2025-9613

6.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Description

A vulnerability was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on tag reuse after completion timeouts may allow multiple outstanding Non-Posted Requests to share the same tag. This tag aliasing condition can result in completions being delivered to the wrong security context, potentially compromising data integrity and confidentiality.

Basic Information

ID CVE-2025-9613

Source certcc

Published Dec 9, 2025 at 18:52

Modified Dec 10, 2025 at 17:04

Affected Product

Vendor PCI-SIG

Product PCI Express Integrity and Data Encryption (PCIe IDE) Specification

Affected Versions PCI-SIG PCI Express Integrity and Data Encryption (PCIe IDE) Specification 0
PCI-SIG PCI Express Integrity and Data Encryption (PCIe IDE) Specification 0

References

{
    "lastseen": "",
    "description": "A vulnerability was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on tag reuse after completion timeouts may allow multiple outstanding Non-Posted Requests to share the same tag. This tag aliasing condition can result in completions being delivered to the wrong security context, potentially compromising data integrity and confidentiality.",
    "published": "2025-12-09T18:52:02.956Z",
    "modified": "2025-12-10T17:04:11.448Z",
    "type": "cve",
    "title": "CVE-2025-9613",
    "source": "certcc",
    "references": "https://pcisig.com/specifications\nhttps://pcisig.com/PCIeIDEStandardVulnerabilities",
    "id": "CVE-2025-9613",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "PCI-SIG PCI Express Integrity and Data Encryption (PCIe IDE) Specification 0\nPCI-SIG PCI Express Integrity and Data Encryption (PCIe IDE) Specification 0",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "PCI Express Integrity and Data Encryption (PCIe IDE) Specification",
    "version": "0",
    "vendor": "PCI-SIG",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply