CVE-2025-10263 - Vulnerability Details

CVE-2025-10263 - Privilege Escalation via Unauthorized Writes to Higher Exception Level Resources in ARM Processors

Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 & X1C, Cortex-A710, Cortex-A78, A78AE & A78C, Cortex-A77, Cortex-A76 & A76A may allow writes to resources owned by a higher exception level.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00017.

Exploitation none

Automatable yes

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Arm

C1-Ultra

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

C1-Premium

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Neoverse V3

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Neoverse V3AE

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Neoverse V1

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Neoverse N2

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Neoverse N1

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Cortex-X925

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Cortex-X4

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Cortex-X3

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Cortex-X2

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Cortex-X1

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Cortex-X1C

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Cortex-A710

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Cortex-A78

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Cortex-A78AE

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Cortex-A78C

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Cortex-A77

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Cortex-A76

unaffected

Version	Status	Constraints
`0`	affected	—

Arm

Cortex-A76AE

unaffected

Version	Status	Constraints
`0`	affected	—

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Arm Subscribe	C1-premium Subscribe C1-ultra Subscribe Cortex-a710 Subscribe Cortex-a76 Subscribe Cortex-a76ae Subscribe Cortex-a77 Subscribe Cortex-a78 Subscribe Cortex-a78ae Subscribe Cortex-a78c Subscribe Cortex-x1 Subscribe Cortex-x1c Subscribe Cortex-x2 Subscribe Cortex-x3 Subscribe Cortex-x4 Subscribe Cortex-x925 Subscribe Neoverse-n2 Subscribe Neoverse-v1 Subscribe Neoverse-v3 Subscribe Neoverse-v3ae Subscribe Neoverse N1 Subscribe

Project Subscriptions

Vendors	Products
Arm Subscribe	C1-premium Subscribe C1-ultra Subscribe Cortex-a710 Subscribe Cortex-a76 Subscribe Cortex-a76ae Subscribe Cortex-a77 Subscribe Cortex-a78 Subscribe Cortex-a78ae Subscribe Cortex-a78c Subscribe Cortex-x1 Subscribe Cortex-x1c Subscribe Cortex-x2 Subscribe Cortex-x3 Subscribe Cortex-x4 Subscribe Cortex-x925 Subscribe Neoverse-n2 Subscribe Neoverse-v1 Subscribe Neoverse-v3 Subscribe Neoverse-v3ae Subscribe Neoverse N1 Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://xenbits.xen.org/xsa/advisory-493.html
https://developer.arm.com/documentation/112137

History

Tue, 09 Jun 2026 15:30:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 09 Jun 2026 14:30:00 +0000

Type	Values Removed	Values Added
References		http://xenbits.xen.org/xsa/advisory-493.html

Tue, 09 Jun 2026 11:45:00 +0000

Type	Values Removed	Values Added
Title		Privilege Escalation via Unauthorized Writes to Higher Exception Level Resources in ARM Processors
First Time appeared		Arm Arm c1-premium Arm c1-ultra Arm cortex-a710 Arm cortex-a76 Arm cortex-a76ae Arm cortex-a77 Arm cortex-a78 Arm cortex-a78ae Arm cortex-a78c Arm cortex-x1 Arm cortex-x1c Arm cortex-x2 Arm cortex-x3 Arm cortex-x4 Arm cortex-x925 Arm neoverse-n2 Arm neoverse-v1 Arm neoverse-v3 Arm neoverse-v3ae Arm neoverse N1
Vendors & Products		Arm Arm c1-premium Arm c1-ultra Arm cortex-a710 Arm cortex-a76 Arm cortex-a76ae Arm cortex-a77 Arm cortex-a78 Arm cortex-a78ae Arm cortex-a78c Arm cortex-x1 Arm cortex-x1c Arm cortex-x2 Arm cortex-x3 Arm cortex-x4 Arm cortex-x925 Arm neoverse-n2 Arm neoverse-v1 Arm neoverse-v3 Arm neoverse-v3ae Arm neoverse N1

Tue, 09 Jun 2026 10:15:00 +0000

Type	Values Removed	Values Added
Description		Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 & X1C, Cortex-A710, Cortex-A78, A78AE & A78C, Cortex-A77, Cortex-A76 & A76A may allow writes to resources owned by a higher exception level.
Weaknesses		CWE-362
References		https://developer.arm.com/documentation/112137

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Arm

Published: 2026-06-09T09:23:18.802Z

Updated: 2026-06-09T14:11:48.257Z

Reserved: 2025-09-11T08:50:36.018Z

Link: CVE-2025-10263

Vulnrichment

Updated: 2026-06-09T13:55:40.021Z

NVD

Status : Awaiting Analysis

Published: 2026-06-09T10:16:33.003

Modified: 2026-06-09T14:16:33.773

Link: CVE-2025-10263

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-09T11:30:03Z

Weaknesses

CWE-362

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object