Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities found for Cortex-X3 by Arm
CVE-2025-10263 (GCVE-0-2025-10263)
Vulnerability from nvd – Published: 2026-06-09 09:23 – Updated: 2026-06-09 16:53
VLAI
Summary
Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 & X1C, Cortex-A710, Cortex-A78, A78AE & A78C, Cortex-A77, Cortex-A76 & A76A may allow writes to resources owned by a higher exception level.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
Impacted products
20 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm | C1-Ultra |
Affected:
0
|
|
| Arm | C1-Premium |
Affected:
0
|
|
| Arm | Neoverse V3 |
Affected:
0
|
|
| Arm | Neoverse V3AE |
Affected:
0
|
|
| Arm | Neoverse V1 |
Affected:
0
|
|
| Arm | Neoverse N2 |
Affected:
0
|
|
| Arm | Neoverse N1 |
Affected:
0
|
|
| Arm | Cortex-X925 |
Affected:
0
|
|
| Arm | Cortex-X4 |
Affected:
0
|
|
| Arm | Cortex-X3 |
Affected:
0
|
|
| Arm | Cortex-X2 |
Affected:
0
|
|
| Arm | Cortex-X1 |
Affected:
0
|
|
| Arm | Cortex-X1C |
Affected:
0
|
|
| Arm | Cortex-A710 |
Affected:
0
|
|
| Arm | Cortex-A78 |
Affected:
0
|
|
| Arm | Cortex-A78AE |
Affected:
0
|
|
| Arm | Cortex-A78C |
Affected:
0
|
|
| Arm | Cortex-A77 |
Affected:
0
|
|
| Arm | Cortex-A76 |
Affected:
0
|
|
| Arm | Cortex-A76AE |
Affected:
0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-06-09T16:53:49.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://xenbits.xen.org/xsa/advisory-493.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/06/09/13"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-10263",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T14:11:21.775441Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T14:11:48.257Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "C1-Ultra",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C1-Premium",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse V3",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse V3AE",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse V1",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse N2",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse N1",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X925",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X4",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X3",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X2",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X1",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X1C",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A710",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A78",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A78AE",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A78C",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A77",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A76",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A76AE",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026amp; V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026amp; X1C, Cortex-A710, Cortex-A78, A78AE \u0026amp; A78C, Cortex-A77, Cortex-A76 \u0026amp; A76A may allow writes to resources owned by a higher exception level."
}
],
"value": "Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026 V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026 X1C, Cortex-A710, Cortex-A78, A78AE \u0026 A78C, Cortex-A77, Cortex-A76 \u0026 A76A may allow writes to resources owned by a higher exception level."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T09:23:18.802Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/documentation/112137"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2025-10263",
"datePublished": "2026-06-09T09:23:18.802Z",
"dateReserved": "2025-09-11T08:50:36.018Z",
"dateUpdated": "2026-06-09T16:53:49.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-0647 (GCVE-0-2025-0647)
Vulnerability from nvd – Published: 2026-01-14 10:58 – Updated: 2026-01-20 15:21
VLAI
Summary
In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by the TLBI.
Severity
7.9 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-226 - Sensitive Information in Resource Not Removed Before Reuse
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://developer.arm.com/documentation/111546 | |
| https://graph.volerion.com/view?ID=CVE-2025-0647 | third-party-advisory |
Impacted products
11 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm | Neoverse-N2 |
Affected:
0
|
|
| Arm | Neoverse-V3AE |
Affected:
0
|
|
| Arm | Neoverse-V3 |
Affected:
0
|
|
| Arm | Neoverse-V2 |
Affected:
0
|
|
| Arm | Cortex-X925 |
Affected:
0
|
|
| Arm | Cortex-X4 |
Affected:
0
|
|
| Arm | Cortex-X3 |
Affected:
0
|
|
| Arm | Cortex-X2 |
Affected:
0
|
|
| Arm | Cortex-A710 |
Affected:
0
|
|
| Arm | C1-Premium |
Affected:
0
|
|
| Arm | C1-Ultra |
Affected:
0
|
Date Public
2026-01-14 10:48
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-0647",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-20T15:18:04.412117Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T15:21:14.551Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://graph.volerion.com/view?ID=CVE-2025-0647"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Neoverse-N2",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse-V3AE",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse-V3",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse-V2",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X925",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X4",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X3",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X2",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A710",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C1-Premium",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C1-Ultra",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"datePublic": "2026-01-14T10:48:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by the TLBI.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by the TLBI."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-226",
"description": "CWE-226 Sensitive Information in Resource Not Removed Before Reuse",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T10:58:44.342Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/documentation/111546"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2025-0647",
"datePublished": "2026-01-14T10:58:44.342Z",
"dateReserved": "2025-01-22T14:26:41.767Z",
"dateUpdated": "2026-01-20T15:21:14.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10263 (GCVE-0-2025-10263)
Vulnerability from cvelistv5 – Published: 2026-06-09 09:23 – Updated: 2026-06-09 16:53
VLAI
Summary
Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 & X1C, Cortex-A710, Cortex-A78, A78AE & A78C, Cortex-A77, Cortex-A76 & A76A may allow writes to resources owned by a higher exception level.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
Impacted products
20 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm | C1-Ultra |
Affected:
0
|
|
| Arm | C1-Premium |
Affected:
0
|
|
| Arm | Neoverse V3 |
Affected:
0
|
|
| Arm | Neoverse V3AE |
Affected:
0
|
|
| Arm | Neoverse V1 |
Affected:
0
|
|
| Arm | Neoverse N2 |
Affected:
0
|
|
| Arm | Neoverse N1 |
Affected:
0
|
|
| Arm | Cortex-X925 |
Affected:
0
|
|
| Arm | Cortex-X4 |
Affected:
0
|
|
| Arm | Cortex-X3 |
Affected:
0
|
|
| Arm | Cortex-X2 |
Affected:
0
|
|
| Arm | Cortex-X1 |
Affected:
0
|
|
| Arm | Cortex-X1C |
Affected:
0
|
|
| Arm | Cortex-A710 |
Affected:
0
|
|
| Arm | Cortex-A78 |
Affected:
0
|
|
| Arm | Cortex-A78AE |
Affected:
0
|
|
| Arm | Cortex-A78C |
Affected:
0
|
|
| Arm | Cortex-A77 |
Affected:
0
|
|
| Arm | Cortex-A76 |
Affected:
0
|
|
| Arm | Cortex-A76AE |
Affected:
0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-06-09T16:53:49.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://xenbits.xen.org/xsa/advisory-493.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/06/09/13"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-10263",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T14:11:21.775441Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T14:11:48.257Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "C1-Ultra",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C1-Premium",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse V3",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse V3AE",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse V1",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse N2",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse N1",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X925",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X4",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X3",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X2",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X1",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X1C",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A710",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A78",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A78AE",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A78C",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A77",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A76",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A76AE",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026amp; V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026amp; X1C, Cortex-A710, Cortex-A78, A78AE \u0026amp; A78C, Cortex-A77, Cortex-A76 \u0026amp; A76A may allow writes to resources owned by a higher exception level."
}
],
"value": "Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026 V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026 X1C, Cortex-A710, Cortex-A78, A78AE \u0026 A78C, Cortex-A77, Cortex-A76 \u0026 A76A may allow writes to resources owned by a higher exception level."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T09:23:18.802Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/documentation/112137"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2025-10263",
"datePublished": "2026-06-09T09:23:18.802Z",
"dateReserved": "2025-09-11T08:50:36.018Z",
"dateUpdated": "2026-06-09T16:53:49.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-0647 (GCVE-0-2025-0647)
Vulnerability from cvelistv5 – Published: 2026-01-14 10:58 – Updated: 2026-01-20 15:21
VLAI
Summary
In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by the TLBI.
Severity
7.9 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-226 - Sensitive Information in Resource Not Removed Before Reuse
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://developer.arm.com/documentation/111546 | |
| https://graph.volerion.com/view?ID=CVE-2025-0647 | third-party-advisory |
Impacted products
11 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm | Neoverse-N2 |
Affected:
0
|
|
| Arm | Neoverse-V3AE |
Affected:
0
|
|
| Arm | Neoverse-V3 |
Affected:
0
|
|
| Arm | Neoverse-V2 |
Affected:
0
|
|
| Arm | Cortex-X925 |
Affected:
0
|
|
| Arm | Cortex-X4 |
Affected:
0
|
|
| Arm | Cortex-X3 |
Affected:
0
|
|
| Arm | Cortex-X2 |
Affected:
0
|
|
| Arm | Cortex-A710 |
Affected:
0
|
|
| Arm | C1-Premium |
Affected:
0
|
|
| Arm | C1-Ultra |
Affected:
0
|
Date Public
2026-01-14 10:48
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-0647",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-20T15:18:04.412117Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T15:21:14.551Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://graph.volerion.com/view?ID=CVE-2025-0647"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Neoverse-N2",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse-V3AE",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse-V3",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Neoverse-V2",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X925",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X4",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X3",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-X2",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cortex-A710",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C1-Premium",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C1-Ultra",
"vendor": "Arm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"datePublic": "2026-01-14T10:48:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by the TLBI.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by the TLBI."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-226",
"description": "CWE-226 Sensitive Information in Resource Not Removed Before Reuse",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T10:58:44.342Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/documentation/111546"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2025-0647",
"datePublished": "2026-01-14T10:58:44.342Z",
"dateReserved": "2025-01-22T14:26:41.767Z",
"dateUpdated": "2026-01-20T15:21:14.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}