An Israel-based security firm, CTS-Labs, has reported 13 security vulnerabilities in AMD chips, including AMD's Ryzen and EPYC processors. CTS-Labs noted that the vulnerabilities allow an attacker to access sensitive data stored on the chips and also to install malware on them.
CTS-Labs has reported all 13 vulnerabilities to AMD and, as per standard vulnerability disclosure, AMD has a 90-day deadline to fix them.
CTS-Labs co-founder and Chief Financial Officer Yaron Luk-Zilberman mentioned that these new vulnerabilities are divided into four categories. All of them essentially allow an attacker to target the secure segment of a processor, which is crucial to protecting the sensitive information on your device.
- Master Key - Masterkey is a set of three vulnerabilities allowing three distinct pathways to bypass Hardware Validated Boot on EPYC and Ryzen and achieve arbitrary code execution on
- Ryzenfall - This vulnerability specifically affects AMD's Ryzen chips and would allow malware to completely take over the secure processor. In short, successful exploitation of Ryzenfall gives access to protected data, including encryption keys and passwords. These are held in parts of the processor that a normal user cannot access.
If the attacker is somehow able to bypass the security feature called Windows Defender Credential Guard, which was introduced in Windows 10 Enterprise Edition, the attacker could use the stolen data to spread to other computers within a network.
- Fallout - The Fallout vulnerability only affects devices using AMD's EPYC secure processor. Fallout also allows attackers to access protected data sections, including Credential Guard. AMD EPYC chips are used for data centers and cloud servers, connecting computers used by industries around the world. If attackers used the vulnerabilities described in Fallout, they could steal all the stored credentials and spread across the network. "These network credentials are stored in a segregated virtual machine where it can't be accessed by standard hacking tools," said CTS-Labs CEO Ido Li On.
- Chimera - Chimera comes from two different vulnerabilities, one in firmware and one in hardware.
The Ryzen chipset itself allows malware to run on it. Because Wi-Fi, network and Bluetooth traffic flows through the chipset, an attacker could use that to infect your device, the researchers said. In a proof-of-concept demonstration, they said, it was possible to install a keylogger, which would allow an attacker to see everything typed on an infected computer.
What Can You Do?
Obviously, after reading this, you are all looking for a fix for the bug or for precautions. But I would like to mention that at this stage we cannot do anything to mitigate the issue. The AMD security team is looking into the issues, and we can expect a patch soon.
Just keep in touch with us for the latest updates on this. You can also subscribe to our mailing list to get updates in your inbox. You can also check this white paper for detailed information on the vulnerabilities.