AMD ‘investigating’ critical vulnerabilities in its latest Ryzen and EPYC CPUs

Israeli security firm CTS Labs has released a white paper to the press which detail a number of vulnerabilities affecting current AMD CPUs.

The 13 vulnerabilities listed in the white paper allegedly affect all Ryzen and Ryzen Pro products currently on the market, as well as EPYC server CPUs made by AMD, although root-level (administrator) operating system access is required in order to exploit them.

As is the case with many security exploits, these could theoretically allow hackers access to personal credentials and provide an opportunity to spread malware, but the white paper also warns of the potential for “long-term industrial espionage”.

AMD responds

The report from CTS Labs is intentionally light on the exploits’ details – a measure intended to stop anyone from using the alleged exploits while AMD is given the time to investigate them. Despite this, Gizmodo reports that CTS only gave AMD 24 hours notice before making the white paper public.

In the company’s official statement on the issue, AMD said it was “unusual for a security firm to publish research to the press without providing a reasonable amount of time for the company to investigate and address its findings”.

Naturally, AMD is “actively investigating and analyzing” the report’s findings, and we’ll keep this article updated with further details as they come to light.

TOPICS
Harry Domanski
Harry is an Australian Journalist for TechRadar with an ear to the ground for future tech, and the other in front of a vintage amplifier. He likes stories told in charming ways, and content consumed through massive screens. He also likes to get his hands dirty with the ethics of the tech.