Some of the top AMD chips are suffering a serious security flaw

AMD Ryzen 5 7600X processor
(Image credit: Future)

Cybersecurity researchers from the Technical University of Berlin have discovered a flaw in some AMD hardware that might allow threat actors to read sensitive, encrypted content from the endpoint

The feasibility of the method is questionable though, as it requires physical access to the device for several hours in order to be fully leveraged. 

According to the researchers’ technical paper, the AMD firmware-based Trusted Platform Module (fTPM/TPM) carries the flaw, which they dubbed “faulTPM”. The flaw could be compromised via a “voltage fault injection”, allowing malicious actors to potentially read the contents of apps that fully rely on TPM-based security such as BitLocker.

Acknowledging the flaw

To pull the feat off, the researchers bought off-the-shelf hardware for roughly $200, and targeted AMD’s Platform Security Processor (PSP) found in Zen 2 and Zen 3 chips (we don’t know if Zen 4 chips are vulnerable). They also need physical access to the target device for “several hours”, they said. 

Commenting on the news to Tom’s Hardware, AMD said it was aware of the report and is working to understand potential new threats: “AMD is aware of the research report attacking our firmware trusted platform module which appears to leverage related vulnerabilities previously discussed at ACM CCS 2021,” the company’s spokesperson told the publication. 

“This includes attacks carried out through physical means, typically outside the scope of processor architecture security mitigations. We are continually innovating new hardware-based protections in future products to limit the efficacy of these techniques. Specific to this paper, we are working to understand potential new threats and will update our customers and end-users as needed.” 

The publication also says that the papers released at ACM CCS 2021 discussed a glitching attack and did not use the attack vendor to compromise the TPM, which makes this research’s findings a novel cyberattack method.

More details can be found on this link.

Via: Tom's Hardware

TOPICS

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.