Security News > 2023 > November > CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs
2023-11-14 18:40
A group of academics has disclosed a new "software fault attack" on AMD's Secure Encrypted Virtualization (SEV) technology that could be potentially exploited by threat actors to infiltrate encrypted virtual machines (VMs) and even perform privilege escalation. The attack has been codenamed CacheWarp (CVE-2023-20592) by researchers from the CISPA Helmholtz Center for Information Security. It
News URL
https://thehackernews.com/2023/11/cachewarp-attack-new-vulnerability-in.html
Related news
- AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2023-20592 | Unspecified vulnerability in AMD products Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity. | 6.5 |