Improper validation of integrity check value in PCI Express (PCIe) Base Specification - CVE-2025-9612
Published: December 10, 2025
Vulnerability identifier: #VU119815
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-9612
CWE-ID: CWE-354
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: PCI-SIG
Affected software:
PCI Express (PCIe) Base Specification
PCI Express (PCIe) Base Specification
Detailed vulnerability description
The vulnerability allows an attacker to bypass implemented security restrictions.
The vulnerability exists due to an error in the PCIe IDE protocol’s Transaction Layer Packet (TLP) ordering enforcement mechanism as described in PCI Express (PCIe) Base Specification. A local user or attacker with physical access to the system can perform a Man-in-the-Middle (MITM) attack to observe and reorder IDE protected TLPs without triggering detection at the receiver and violate integrity objectives that both IDE and TDISP are designed to uphold.
How to mitigate CVE-2025-9612
The PCI-SIG has issued a Draft Engineering Change Notice (D-ECN) titled “IDE TLP Reordering Enhancement” to the Base Specification Rev 7.0. The D-ECN feature will be included in upcoming PCI specifications (Base 6.5 and 7.1) and can also be used in current Base 5.x systems through standard compliance procedures.