November 16, 2023 at 04:02PM Researchers have discovered a vulnerability in AMD CPUs that can be exploited to undermine memory protections in cloud environments. Known as CacheWarp, this vulnerability impacts first- through third-generation EPYC processors. Attackers can use the vulnerability to gain unauthorized access and perform privilege escalation. AMD has released a microcode patch for … Read more
November 15, 2023 at 05:09AM Chipmakers Intel and AMD released security advisories this week, disclosing a total of more than 130 vulnerabilities in their products. Intel addressed 105 vulnerabilities, including a critical flaw in Data Center Manager software. AMD disclosed 27 vulnerabilities, with one impacting AMD Secure Encrypted Virtualization and another in SMM Supervisor. Both … Read more
November 15, 2023 at 05:09AM A vulnerability affecting certain Intel processors, tracked as Reptar and CVE-2023-23583, has been discovered. It could result in a crash, privilege escalation, and information disclosure. Intel has released microcode updates to address the issue, and users are advised to ensure their BIOS, system OS, and drivers are up to date. … Read more
November 14, 2023 at 03:34PM CacheWarp, a new software-based fault injection attack, allows threat actors to hack into AMD SEV-protected virtual machines. The attack exploits vulnerabilities in AMD’s SEV-ES and SEV-SNP technology, designed to protect against malicious hypervisors. Malicious actors can manipulate memory writes to escalate privileges and gain remote code execution. Security researchers have … Read more
November 14, 2023 at 02:27PM Researchers from the CISPA Helmholtz Center for Information Security have discovered a new software fault attack called CacheWarp that targets AMD’s Secure Encrypted Virtualization (SEV) technology. The attack exploits a vulnerability in SEV to infiltrate encrypted virtual machines and achieve privilege escalation. AMD has released a microcode update to address … Read more
November 14, 2023 at 01:45PM Researchers have discovered a new attack method called CacheWarp that affects AMD processors. It poses a risk to protected virtual machines by allowing hackers to hijack control flow, break into encrypted VMs, and escalate privileges. CacheWarp is a software-based fault injection attack resulting from an architectural bug in AMD CPUs. … Read more
November 14, 2023 at 01:38PM Researchers have discovered a flaw in AMD’s SEV trusted execution environment called CacheWarp that allows attackers to manipulate cache lines and memory, potentially leading to arbitrary code execution, data exposure, or privilege escalation within a guest VM. AMD has been notified of the vulnerability and plans to issue patches to … Read more