What you need to know
- Researchers have exposed a vulnerability with AMD SEV (Secure Encrypted Virtualization).
- In response, AMD has cast doubt on the real-world implications of the discovery, citing physical logistical hurdles for threat actors.
- The researchers have responded, disputing the existence of said hurdles.
In one of the more tech-savvy, inside-baseball bits of news to crop up recently, AMD and a group of researchers have begun something of a sparring match, going back and forth over whether AMD SEV (Secure Encrypted Virtualization) has just had a dangerous vulnerability exposed or if nothing more than inconsequential hypotheticals have been presented.
Here's the idea behind SEV (based on how AMD is positioning it): It's meant to safeguard virtual machine data in the cloud so that admins can't go wild and cause chaos. However, in a research paper entitled "One Glitch to Rule Them All: Fault Injection Attacks Against AMD's Secure Encrypted Virtualization," researchers shine a spotlight on where SEV can be compromised (via The Register).
"By manipulating the input voltage to AMD systems on a chip (SoCs), we induce an error in the read-only memory (ROM) bootloader of the AMD-SP, allowing us to gain full control over this root-of-trust," the paper says. "This type of attack is commonly referred to as voltage fault injection attacks."
AMD replied that this is not a remote attack scenario, casting doubt over the real-world utility of the attack. However, the researchers came back with a statement. When speaking to TechRadar Pro, Robert Buhren, one of the paper's authors, pointed out that "no physical tampering with machines in the data center is required" and that the threat posed by a voltage fault injection attack is very much real.
Furthermore, Buhren highlighted that the vulnerability being unrelated to firmware means that firmware updates can't stop it, making it even more dangerous. AMD has yet to publicly reply to the updated researcher response.
