Academics researchers have demonstrated a successful attack strategy to get around the protections provided by AMDs famed Secure Encrypted Virtualization (SEV) technology.
AMD SEV leverages the AMD Secure Processor (AMD-SP) to separate security-sensitive operations from software executing elsewhere in order to safeguard virtual machines (VM) in untrusted environments.
Researchers from Technische Universität (TU) Berlin's Security in Telecommunications group, describe how they succeeded in mounting a voltage fault injection attack, in a paper aptly titled "One Glitch to Rule Them All: Fault Injection Attacks Against AMD’s Secure Encrypted Virtualization"
- Protect your devices with these best antivirus software
- These are the best ransomware protection tools
- Here's our choice of the best malware removal software on the market
A successful attack enables the perpetrator to execute custom payloads on the AMD-SP that ships with all AMD SEV processors currently in the market, including Naples (Zen 1), Rome (Zen 2), and Milan (Zen 3).
According to The Register’s parsing of the paper, the bypass technique involves manipulating the input voltage to AMD systems on a chip (SoC), in order to induce an error in the read-only memory (ROM) bootloader of the AMD-SP.
Notably, the attack relies on cheap, off-the-shelf components, including a $30 Teensy µController, and a $12 flash programmer.
However, to attack can’t be executed remotely and needs physical access to the server. An AMD spokesperson also flagged this fact when contacted by The Register, rendering any real-world implications of the vulnerability moot, unlike earlier vulnerabilities.
In addition to highlighting the issue, the researchers also suggested a couple of mitigations. One reportedly involves modifying software or hardware to detect voltage modulation, while the other involves the addition of additional circuitry to defend against voltage glitches.
- Take a look at our list of the best virtual machine software in 2021
Via The Register