Researchers claim an AMD security flaw could let hackers access encrypted data
Using only a $10 test rig, researchers were able to pull off the badRAM attack
Researchers have exposed an issue with the memory implementation on AMD’s data center chips that could threaten the integrity of data, but the chipmaker has hit back at the claims.
In a paper due to be presented at IEEE in 2025, researchers from University of Lübeck, KU Leven, and University of Birmingham highlighted a potential weakness in AMD’s secure encrypted virtualization (SEV) technology.
Dubbed ‘badRAM’, the paper outlines how attackers could manipulate the SEV system to allow unauthorized access to encrypted memory on the processor.
In a post dedicated to explaining the badRAM attack, researchers explained how the SEV technology was intended to protect processor memory in virtual machine (VM) environments through encryption.
“AMD's Secure Encrypted Virtualization (SEV) is a cutting-edge technology that protects privacy and trust in cloud computing by encrypting a virtual machine's (VM's) memory and isolating it from advanced attackers, even those compromising critical infrastructure like the virtual machine manager or firmware.”
But the paper warned that if correctly exploited the threat actors could access data used by the microprocessor, and potentially read and even overwrite the encrypted content.
The researchers further detailed the underlying premise of the exploit, whereby attackers could use “rogue memory modules” to deliberately provide false information to the processor during startup.
Using a test rig that cost them just $10, kitted out with a Raspberry Pi Pico, and a DIMM socket to hold the RAM, the team was able to successfully exploit the flaw by fiddling with the serial presence detect (SPD) metadata to circumvent the SEV encryption.
“We found that tampering with the embedded SPD chip on commercial DRAM modules allows attackers to bypass SEV protections — including AMD’s latest SEV-SNP version,” the badRAM.eu website explains.
“For less than $10 in off-the-shelf equipment, we can trick the processor into allowing access to encrypted memory. We build on this BadRAM attack primitive to completely compromise the AMD SEV ecosystem, faking remote attestation reports and inserting backdoors into any SEV-protected VM.”
BadRAM flaw only medium severity due to high barrier to entry for attackers
In a security bulletin issued by AMD the chip giant outlined the issue, tracked as SB-3015 as follows.
“A team of researchers has reported to AMD that it may be possible to modify serial presence detect (SPD) metadata to make an attached memory module appear larger than it is, potentially allowing an attacker to overwrite physical memory.”
The CVE description described the issue as stemming from improper input validation for DIM SPD metadata that would allow an attacker with certain levels of access to potentially overwrite guest memory.
The issue was only classified as a medium severity threat warranting a 5.3 rating on the CVSS owing to the high level of access required by a potential attacker.
RELATED WHITEPAPER
AMD said the issue is better described as a memory implementation issue, rather than an AMD product vulnerability, adding that the barriers to executing the attack are very high, explaining it being given a medium severity rating.
In a statement given to ITPro, AMD outlined the types of access that an attacker would need to exploit the issue, providing some mitigation strategies clients can take.
“AMD believes exploiting the disclosed vulnerability requires an attacker either having physical access to the system, operating system kernel access on a system with unlocked memory modules, or installing a customized, malicious BIOS,” AMD advised.
“AMD recommends utilizing memory modules that lock Serial Presence Detect (SPD), as well as following physical system security best practices. AMD has also released firmware updates to customers to mitigate the vulnerability.”
-
What is Microsoft Maia?Explainer Microsoft's in-house chip is planned to a core aspect of Microsoft Copilot and future Azure AI offerings
-
If Satya Nadella wants us to take AI seriously, let’s forget about mass adoption and start with a return on investment for those already using itOpinion If Satya Nadella wants us to take AI seriously, let's start with ROI for businesses
-
Experts welcome EU-led alternative to MITRE's vulnerability tracking schemeNews The EU-led framework will reduce reliance on US-based MITRE vulnerability reporting database
-
Veeam patches Backup & Replication vulnerabilities, urges users to updateNews The vulnerabilities affect Veeam Backup & Replication 13.0.1.180 and all earlier version 13 builds – but not previous versions.
-
Two Fortinet vulnerabilities are being exploited in the wild – patch nowNews Arctic Wolf and Rapid7 said security teams should act immediately to mitigate the Fortinet vulnerabilities
-
Everything you need to know about Google and Apple’s emergency zero-day patchesNews A serious zero-day bug was spotted in Chrome systems that impacts Apple users too, forcing both companies to issue emergency patches
-
Security experts claim the CVE Program isn’t up to scratch anymore — inaccurate scores and lengthy delays mean the system needs updatedNews CVE data is vital in combating emerging threats, yet inaccurate ratings and lengthy wait times are placing enterprises at risk
-
IBM AIX users urged to patch immediately as researchers sound alarm on critical flawsNews Network administrators should patch the four IBM AIX flaws as soon as possible
-
Critical Dell Storage Manager flaws could let hackers access sensitive data – patch nowNews A trio of flaws in Dell Storage Manager has prompted a customer alert
-
Flaw in Lenovo’s customer service AI chatbot could let hackers run malicious code, breach networksNews Hackers abusing the Lenovo flaw could inject malicious code with just a single prompt
