PT-2025-37707 · SK Hynix · SK Hynix DDR5

Daniel Moghimi · Published 2025-09-15 · Updated 2025-09-17 · CVE-2025-6202

CVSS v4.0: 7.1

Vector: AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

**Name of the Vulnerable Software and Affected Versions:**

SK Hynix DDR5 versions produced from January 2021 through December 2024

**Description:**

A vulnerability exists in SK Hynix DDR5 memory, allowing a local attacker to trigger Rowhammer bit flips, impacting hardware integrity and system security. The attack, dubbed “Phoenix” (CVE-2025-6202), bypasses existing protections like Error Correction Code (ECC) and Target Row Refresh (TRR). Successful exploitation can lead to bit flips within 109 seconds, potentially compromising RSA keys, escalating privileges to root, and enabling unauthorized access to sensitive data. The attack involves manipulating DRAM refresh cycles to achieve stable bit flips, even with protective measures in place. The vulnerability affects standard production-grade DDR5 systems.

**Recommendations:**

Increase the DRAM refresh rate threefold (3x) to mitigate the risk of exploitation.

Fix

Weakness Enumeration: Improper Resource Release

Related Identifiers: CVE-2025-6202

Affected Products: SK Hynix DDR5