CVE-2025-9612_CVE-2025-9612

5.1 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Description

An issue was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on Transaction Layer Packet (TLP) ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical attackers on the PCIe bus to violate data integrity protections.

Basic Information

ID CVE-2025-9612

Source certcc

Published Dec 9, 2025 at 18:44

Modified Dec 11, 2025 at 14:57

Affected Product

Vendor PCI-SIG

Product PCI Express Integrity and Data Encryption (PCIe IDE) Specification

Affected Versions PCI-SIG PCI Express Integrity and Data Encryption (PCIe IDE) Specification 0
PCI-SIG PCI Express Integrity and Data Encryption (PCIe IDE) Specification 0

References

{
    "lastseen": "",
    "description": "An issue was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on Transaction Layer Packet (TLP) ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical attackers on the PCIe bus to violate data integrity protections.",
    "published": "2025-12-09T18:44:59.620Z",
    "modified": "2025-12-11T14:57:09.949Z",
    "type": "cve",
    "title": "CVE-2025-9612",
    "source": "certcc",
    "references": "https://pcisig.com/specifications\nhttps://pcisig.com/PCIeIDEStandardVulnerabilities",
    "id": "CVE-2025-9612",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "PCI-SIG PCI Express Integrity and Data Encryption (PCIe IDE) Specification 0\nPCI-SIG PCI Express Integrity and Data Encryption (PCIe IDE) Specification 0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "PCI Express Integrity and Data Encryption (PCIe IDE) Specification",
    "version": "0",
    "vendor": "PCI-SIG",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply