Published: Wed, March 14, 2018
Research | By Jody Lindsey

AMD Ryzen and Epyc CPUs affected by 13 'critical' Spectre-like flaws

AMD Ryzen and Epyc CPUs affected by 13 'critical' Spectre-like flaws

However, CTS has stated the flaws can potentially allow backdoor entry into the secure parts of the processor, which could lead to passwords and sensitive data being stolen, or malware being inserted into the CPU.

While the vulnerabilities all require administrator access before they can be exploited, making them significantly more hard for intruders to use, they are unsafe in that they allow complete access to the system, including secure processing areas normally off-limits to malware.

CTS-Labs, a security company based in Israel, announced Tuesday that its researchers had found 13 critical security vulnerabilities that would let attackers access data stored on AMD's Ryzen and EPYC processors, as well as install malware on them.

At the time of writing, CTS-Labs claim that if a computer is running a Ryzen, Ryzen Pro, Ryzen Mobile or Epyc chip, then it is at risk, along with machines on the same network, though no attacks have been seen out in the wild yet.

"You're virtually undetectable when you're sitting in the secure processor", Luk-Zilberman said of the flaws. Full details on each vulnerability can be found in CTS' 20-page whitepaper. The Fallout flaws can be exploited by local attackers with elevated privileges to access protected memory regions.

The Ryzen chipset itself allows malware to run on it, CTS-Labs said.

"CTS believes that networks that contain AMD computers are at a considerable risk", the report said. However, the statement AMD provided to PCWorld implied that the company wasn't given the usual amount of time to investigate the vulnerabilities internally, which is typically about 90 days.

"This allows attackers to engage in persistent, virtually undetectable espionage, buried deep in the system and executed from AMD's Secure Processor and chipset. It is our view that the existence of these vulnerabilities betrays disregard of fundamental security principles". The CTS Labs researchers have also not published any proof-of-concept exploits and said they had informed other unnamed security companies that could help develop remediation techniques.

Fortune Brands Home & Security Inc (FBHS) Shares Bought by Greenwood Gearhart Inc
Following the transaction, the director now directly owns 21,674 shares in the company, valued at approximately $1,549,691. The stock price exposed a move of -42.18% so far this year and uncovered flow of -70.34% in recent year. (NYSE:FBHS).

AMD issued an initial statement saying that the company was investigating the report to understand the "methodology and merit" of the findings.

AMD confirmed it's been made aware of the potential vulnerabilities.

We have just received a report from a company called CTS Labs claiming there are potential security vulnerabilities related to certain of our processors.

"At AMD, security is a top priority and we are continually working to ensure the safety of our users as new risks arise", AMD said in response to the research.

Nevertheless, CTS-Labs researchers don't want the flaws to be brushed off lightly.

Naturally, AMD is "actively investigating and analyzing" the report's findings, and we'll keep this article updated with further details as they come to light.

It's unclear how long it would take to fix these issues.

This could allow attackers "to inject malicious code into the chip" and create "an ideal target" for hackers, the researchers said.

Like this: