Ethical Hacking News
AMD's Secure Encrypted Virtualization (SEV-SNP) system has been identified as vulnerable to exploitation by malicious insiders, exposing sensitive data through a previously undocumented control bit. The CVE-2025-29943 designation highlights the severity of the issue and the need for immediate action from cloud providers and organizations relying on SEV-SNP.
A vulnerability in AMD's Secure Encrypted Virtualization (SEV-SNP) system has been identified, exposing sensitive data to malicious insiders. The vulnerability, dubbed "StackWarp," relies on a previously undocumented control bit on the hypervisor side and allows an attacker to manipulate the stack pointer inside a protected VM. If exploited, the attack can recover sensitive data, bypass password authentication mechanisms, and escalate privileges. A single bit flip in SEV-SNP's design can break synchronization between frontend and backend, allowing an attacker to corrupt a synchronized sibling thread and ultimately recover sensitive data or escalate privileges. Cloud providers relying on SEV-SNP for confidentiality need to patch the issue immediately, as AMD has already made available updates.
The world of cybersecurity is a complex and ever-evolving landscape, where threats emerge from the most unexpected places. A recent discovery in the realm of virtualization security has left many in the industry shaken, as a vulnerability in AMD's Secure Encrypted Virtualization (SEV-SNP) system has been identified, exposing sensitive data to malicious insiders. The CVE-2025-29943 designation, assigned to this issue, highlights the severity of the problem and the potential consequences for those who fail to address it.
At its core, SEV-SNP is a successor to AMD's Secure Encrypted Virtualization (SEV) and SEV-ES (Encrypted State), designed to provide robust hardware-based isolation between virtual machines (VMs), hypervisors, and host management code. This level of security is crucial for cloud providers offering confidential virtual machines (CVMs) that promise robust isolation between VMs, hypervisors, and host management code.
However, researchers from the CISPA Helmholtz Center for Information Security in Germany have discovered a vulnerability in AMD's Zen CPUs, which can be exploited to break the integrity of SEV-SNP. The attack, dubbed "StackWarp," relies on a previously undocumented control bit on the hypervisor side and allows an attacker running a hyperthreading VM in parallel with the target VM to manipulate the stack pointer inside the protected VM.
In essence, this means that if a malicious insider gains access to a host server, they can potentially exploit this vulnerability to recover sensitive data, bypass password authentication mechanisms, and escalate privileges. The attack scenario applies to AMD SEV-SNP when Simultaneous Multithreading (SMT) has been enabled, which allows for the sharing of core resources between two threads.
SEV-SNP's design relies on the CPU frontend to accelerate stack operations and track stack pointer changes to reduce synchronization between frontend and backend. However, a single bit flip can break this synchronization, allowing an attacker to corrupt a synchronized sibling thread and ultimately recover sensitive data or escalate privileges.
The implications of this vulnerability are far-reaching. Cloud providers that rely on SEV-SNP for confidentiality will need to take immediate action to patch the issue, as AMD has already made available updates in July 2025. However, OEM firmware updates are required to ensure the fixes are applied correctly.
Researchers from CISPA have published a paper detailing their findings and attack scenario, titled "StackWarp: Breaking AMD SEV-SNP Integrity via Deterministic Stack-Pointer Manipulation through the CPU's Stack Engine." The study highlights the importance of keeping SMT enabled today and emphasizes that it undermines SEV-SNP's integrity goals.
As with any major security vulnerability, this incident serves as a reminder for organizations to stay vigilant and proactive in their cybersecurity efforts. By understanding the mechanisms behind vulnerabilities like AMD SEV-SNP, we can better prepare ourselves for emerging threats and implement effective countermeasures to protect sensitive data.
In conclusion, the discovery of the AMD SEV-SNP vulnerability marks a significant threat to the security of virtualized environments. As the digital landscape continues to evolve, it is essential that organizations prioritize cybersecurity and stay informed about emerging vulnerabilities to protect themselves from potential attacks.
Related Information:
https://www.ethicalhackingnews.com/articles/Flawing-Foundations-The-AMD-SEV-SNP-Vulnerability-Exposes-Secrets-to-Malicious-Insiders-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2026/01/15/stackwarp_bug_amd_cpus/
Published: Thu Jan 15 15:23:14 2026 by llama3.2 3B Q4_K_M
