Three critical security vulnerabilities have been discovered within the Peripheral Component Interconnect Express (PCIe) Integrity and Data Encryption (IDE) protocol specification. These flaws, which specifically impact PCIe Base Specification Revision 5.0 and later, could allow a local attacker to compromise sensitive data, escalate privileges, or disrupt system operations. The vulnerabilities were detailed by the PCI Special Interest Group (PCI-SIG) and identified by researchers from Intel.
PCIe is a fundamental high-speed interface standard used to connect vital hardware components within computers and servers. The IDE protocol, introduced subsequently, aims to bolster security by encrypting and protecting the integrity of data transmitted over PCIe connections. The discovery of these vulnerabilities raises concerns about the effectiveness of these security measures and the potential exposure of systems implementing the IDE protocol.
PCIe IDE Vulnerabilities Threaten Data Security
The PCI-SIG has acknowledged three distinct vulnerabilities that affect the PCIe IDE protocol. These flaws, stemming from the IDE Engineering Change Notice (ECN) mechanism, could lead to significant security exposures. Depending on the specific implementation within a PCIe component, successful exploitation might result in information disclosure, privilege escalation, or denial of service.
The vulnerabilities were identified by Intel employees Arie Aharon, Makaram Raghunandan, Scott Constable, and Shalini Sharma. They are cataloged as follows:
CVE-2025-9612 (Forbidden IDE Reordering): This vulnerability arises from a missing integrity check on a receiving port. It potentially allows for the re-ordering of PCIe traffic, a situation where a receiver might process outdated or stale data.
CVE-2025-9613 (Completion Timeout Redirection): An incomplete flushing of a completion timeout mechanism is at the core of this flaw. An attacker could inject a packet with a matching tag, leading a receiver to accept incorrect data.
CVE-2025-9614 (Delayed Posted Redirection): This issue stems from an incomplete flushing or re-keying of an IDE stream. Consequently, a receiver might process stale or incorrect data packets.
Implications and Severity of the PCIe Vulnerabilities
While the successful exploitation of these flaws could undermine the confidentiality, integrity, and security objectives of the PCIe IDE protocol, the PCI-SIG has classified them as low-severity. The attacks necessitate physical or low-level access to the targeted computer’s PCIe IDE interface to be effective. The assigned CVSS v3.1 score is 3.0, and the CVSS v4 score is 1.8, reflecting this limited attack vector.
However, the vulnerabilities still pose a risk, particularly in environments where IDE and the Trusted Domain Interface Security Protocol (TDISP) are employed to isolate trusted execution environments. An adversary capable of breaching this isolation could potentially exploit these flaws. The CERT Coordination Center (CERT/CC) has issued an advisory recommending that manufacturers adhere to the updated PCIe 6.0 standard and implement Erratum #1 guidance within their IDE implementations.
Both Intel and AMD have released alerts detailing the specific products affected by these vulnerabilities. Intel lists Intel Xeon 6 Processors with P-cores and the Intel Xeon 6700P-B/6500P-B series SoC with P-cores. AMD lists the AMD EPYC 9005 Series Processors and AMD EPYC Embedded 9005 Series Processors.
End users are strongly advised to apply firmware updates provided by their system or component suppliers. This is especially crucial for environments that rely on PCIe IDE to safeguard sensitive data. The ongoing development and implementation of robust hardware security protocols like PCIe IDE are essential for maintaining the integrity of modern computing systems against evolving threats.
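
To help decide which hosts need the supplier firmware first, the following added example (not from PCI-SIG, Intel, AMD or the original article) walks each PCIe function's extended capability list in Linux sysfs and reports the functions that advertise the IDE extended capability. It assumes Linux, root privileges to read full config space, and the IDE Extended Capability ID 0x0030 as defined in the Linux kernel's pci_regs.h; the function names and the sample config space are constructed for illustration.

```python
import glob, os, struct

EXT_CAP_START = 0x100        # extended capabilities follow the 256-byte legacy space
PCI_EXT_CAP_ID_IDE = 0x0030  # IDE Extended Capability ID (Linux pci_regs.h value)

def ext_cap_ids(cfg):
    """Return extended capability IDs found in a raw config-space dump."""
    ids, off, seen = [], EXT_CAP_START, set()
    while off >= EXT_CAP_START and off + 4 <= len(cfg) and off not in seen:
        seen.add(off)                        # guard against looping lists
        (hdr,) = struct.unpack_from("<I", cfg, off)
        if hdr in (0, 0xFFFFFFFF):           # empty list or unreadable device
            break
        ids.append(hdr & 0xFFFF)             # bits 15:0  = capability ID
        off = (hdr >> 20) & 0xFFC            # bits 31:20 = next capability offset
    return ids

def advertises_ide(cfg):
    return PCI_EXT_CAP_ID_IDE in ext_cap_ids(cfg)

def scan(sysfs="/sys/bus/pci/devices"):
    """Return (functions advertising IDE, functions with no extended space visible)."""
    ide, short = [], []
    for dev in sorted(glob.glob(os.path.join(sysfs, "*"))):
        try:
            with open(os.path.join(dev, "config"), "rb") as f:
                cfg = f.read()
        except OSError:
            continue
        if len(cfg) <= EXT_CAP_START:        # legacy PCI device, or not run as root
            short.append(os.path.basename(dev))
        elif advertises_ide(cfg):
            ide.append(os.path.basename(dev))
    return ide, short

def constructed_config(with_ide):
    """Constructed sample: AER capability at 0x100 chained to one at 0x148."""
    cfg = bytearray(4096)
    struct.pack_into("<I", cfg, 0x100, 0x0001 | (1 << 16) | (0x148 << 20))
    last = PCI_EXT_CAP_ID_IDE if with_ide else 0x000B  # 0x000B = vendor-specific
    struct.pack_into("<I", cfg, 0x148, last | (1 << 16))
    return bytes(cfg)

if __name__ == "__main__":
    assert advertises_ide(constructed_config(True))
    ide, short = scan()
    print("Functions advertising IDE:", ide or "none")
    print("Extended config space not visible for %d functions" % len(short))
```

A hit only means the function advertises IDE; it does not show whether IDE streams are in use or whether the fixed firmware is installed.
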
Moving forward, the focus will be on the widespread adoption of the updated PCIe standards and firmware patches by manufacturers and end-users alike. Continued vigilance and proactive security measures will be necessary to mitigate risks associated with complex hardware interfaces and their associated encryption protocols.

