AMD has officially acknowledged the discovery of 13 critical vulnerabilities and exploitable backdoors affecting its Ryzen and EPYC processors. This disclosure follows a report by Israel-based CTS Labs and comes with a commitment from AMD to release firmware updates for millions of impacted devices within weeks.
Research from CTS Labs indicates that these significant vulnerabilities—named RyzenFall, MasterKey, Fallout, and Chimera—target AMD’s Platform Security Processor (PSP). Such weaknesses could permit attackers to access sensitive data, install persistent malware directly on the chip, and achieve full control over compromised systems.
Although exploiting these vulnerabilities requires administrative access, attackers could potentially bypass essential security features such as Windows Credential Guard, Trusted Platform Modules (TPMs), and virtualization technologies, which are designed to safeguard sensitive information even from administrative accounts.
In a press release from AMD, the company downplayed the risks, stating, “Any attacker gaining unauthorized administrative access would have a wide range of attacks at their disposal well beyond the exploits identified in this research.” Nonetheless, the company reassured users that the upcoming patches will not adversely affect device performance.
The disclosure of these vulnerabilities has sparked controversy within the cybersecurity community over responsible disclosure, as some experts and journalists have questioned the manner and timing of CTS Labs’ public announcement, made less than 24 hours after notifying AMD. Importantly, CTS Labs did not release technical details that could jeopardize AMD users.
Ilia Luk-Zilberman, CTO of CTS Labs, criticized the traditional ‘Responsible Disclosure’ process, identifying flaws that leave users vulnerable. Zilberman suggested that a more transparent approach could involve immediate public notifications of vulnerabilities while withholding technical details until fixes are available, thereby exerting public pressure on companies to expedite patch deployment without compromising user security.
Despite AMD’s assurances, CTS Labs has raised concerns that some vulnerabilities may take months to patch and that some may remain unresolvable.
In summary, the recognition of these vulnerabilities highlights the importance of continuous security vigilance, particularly for businesses that rely on AMD processors. The potential for exploitation aligns with various MITRE ATT&CK tactics, including initial access and privilege escalation, reinforcing the need for robust cybersecurity frameworks to mitigate such risks effectively.