PatchSiren cyber security CVE debrief
CVE-2025-51677 openRISC CVE debrief
An issue was discovered in openRISC OR1200 commit 83ac6b. An output mismatch between the RTL and the netlist of the or1200 cpu output port can lead to unexpected behavior. The CVE record was published on 2026-07-17T20:17:13.763Z and has not been modified since then. This issue affects users of openRISC OR1200 CPU, who should be aware of this issue and verify their systems for potential unexpected behavior. The issue is caused by an output mismatch between the RTL and the netlist of the or1200 cpu output port in openRISC OR1200 commit 83ac6b.
- Vendor
- openRISC
- Product
- OR1200 CPU
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-17
- Original CVE updated
- 2026-07-17
- Advisory published
- 2026-07-17
- Advisory updated
- 2026-07-17
Who should care
Users of openRISC OR1200 CPU should be aware of this issue and verify their systems for potential unexpected behavior. This issue affects operators, platforms, vulnerability-management, and security teams. Users should review compensating controls for exposed systems while remediation is scheduled and verified.
Technical summary
The issue is caused by an output mismatch between the RTL and the netlist of the or1200 cpu output port in openRISC OR1200 commit 83ac6b. This mismatch can lead to unexpected behavior. The affected product is openRISC OR1200 CPU. Users should review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance. Affected users should verify their systems for potential unexpected behavior and assess compensating controls until remediation can be applied and verified. The CVE record was published on 2026-07-17T20:17:13.763Z and has not been modified since then. The openRISC OR1200 CPU issue was discovered in commit 83ac6b, which contains the output mismatch.
Defensive priority
Medium
Recommended defensive actions
- Verify the RTL and netlist of the or1200 cpu output port for consistency
- Monitor system behavior for unexpected results
- Consider updating to a fixed version of openRISC OR1200
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Check relevant monitoring, detection, and logs for exposed assets that need extra review.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
Evidence notes
The CVE record was published on 2026-07-17T20:17:13.763Z and has not been modified since then. The NVD entry is currently Received. The openRISC OR1200 CPU issue was discovered in commit 83ac6b, which contains an output mismatch between the RTL and the netlist of the or1200 cpu output port. This mismatch can lead to unexpected behavior. Users should verify their systems for potential unexpected behavior and review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-17T20:17:13.763Z and has not been modified since then.