BadRAM: $10 security flaw in AMD could allow hackers to access cloud computing secrets

| Attribute | Details |
| --- | --- |
| Threat Actors | Potential attackers requiring physical access; remote attackers exploiting unlocked SPD chips |
| Campaign Overview | Exploitation of a vulnerability in AMD’s Secure Encrypted Virtualisation (SEV) memory protection, enabling access to encrypted cloud data for as little as $10 in equipment |
| Target Regions | Cloud computing environments globally, including providers like AWS, Google, Microsoft, and IBM |
| Methodology | Manipulation of the Serial Presence Detect (SPD) chip on RAM modules to trick processors into accessing encrypted memory |
| Product Targeted | AMD processors using SEV protection; potentially other manufacturers not locking SPD chips |
| Malware Reference | None explicitly mentioned |
| Tools Used | Off-the-shelf hardware costing less than $10 to modify SPD chips |
| Vulnerabilities Exploited | Bypassing SEV protections through “aliasing,” creating multiple CPU addresses for the same memory location |
| TTPs | Physical tampering with hardware, aliasing to bypass memory protections, and exploiting unlocked SPD chips |
| Attribution | Vulnerability discovered by researchers from KU Leuven, University of Luebeck, and University of Birmingham |
| Recommendations | Apply AMD firmware updates, use SPD-locked memory modules, follow physical system security best practices, monitor for tampering |
| Source | The Record |

Read full article: https://therecord.media/amd-security-flaw-badram

Disclaimer: The above summary has been generated by an AI language model
