CyberSecurity news
@ciso2ciso.com
A high-severity security vulnerability, identified as CVE-2024-56161, has been discovered in AMD's Secure Encrypted Virtualization (SEV), specifically impacting SEV-SNP-powered systems. The flaw allows an attacker with local administrator privileges to inject malicious CPU microcode due to improper signature verification in the AMD CPU ROM microcode patch loader. Successfully exploiting this vulnerability could lead to the loss of confidentiality and integrity of confidential guests running under AMD SEV-SNP, potentially compromising virtual machine guests and exposing sensitive workloads. The vulnerability has been assigned a CVSS score of 7.2 out of 10.0, indicating a high level of severity.
AMD has released security advisories and provided mitigations through updated microcode and SEV firmware releases. System administrators are strongly advised to apply the latest Platform Initialization (PI) updates and ensure their BIOS firmware contains the necessary fixes to prevent exploitation of CVE-2024-56161. The vulnerability was responsibly disclosed to AMD by Google security researchers, including Josh Eads, Kristoffer Janke, Eduardo Vela, Tavis Ormandy, and Matteo Rizzo. AMD credited the Google team and has taken steps to deliver mitigations promptly. Organizations utilizing AMD EPYC processors with SEV-enabled workloads should immediately contact their Original Equipment Manufacturer (OEM).
References:
- ciso2ciso.com: AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access – Source:thehackernews.com
- AMD security advisories, 03 February 2025: CVE-2024-56161 (7.2 high): improper signature verification in AMD CPU ROM microcode patch loader could lead to the loss of SEV-based protection of a confidential guest.
- cyberpress.org: AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access
- The Hacker News: AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access
- ciso2ciso.com: AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access
- cyberpress.org: An AMD vulnerability (CVE-2024-56161) enables malicious microcode injection under specific circumstances.
- Vulnerability Assessment Report: CVE-2024-56161 refers to an improper signature verification vulnerability found in the AMD CPU ROM microcode patch loader.
- securityaffairs.com: AMD fixed a flaw that allowed to load malicious microcode
- cybersecuritynews.com: Cybersecuritynews article detailing the AMD SEV vulnerability allowing malicious microcode injection.
- Improper signature verification in AMD CPU ROM's microcode patch loader leads to a security vulnerability.
Classification:
- Company: AMD
- Target: Confidential Guests
- Product: SEV-SNP
- Feature: Microcode Injection
- Type: Vulnerability
- Severity: High