CVE-2025-9612

Name of the Vulnerable Software and Affected Versions PCI Express (PCIe) Integrity and Data Encryption (IDE) specification (affected versions not specified)

Description The PCI Express (PCIe) Integrity and Data Encryption (IDE) specification contains insufficient guidance regarding Transaction Layer Packet (TLP) ordering and tag uniqueness. This deficiency potentially allows encrypted packets to be replayed or reordered without detection. A local or physical attacker on the PCIe bus could exploit this to compromise data integrity protections.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.