AMD Fixes Vulnerability that Allows Malicious Microcode Injection
A high-severity vulnerability has been discovered in AMD’s EPYC processors that could be exploited to load malicious CPU microcode on vulnerable devices, which could lead to the loss of the SEV-based protection of a confidential guest. AMD has released a mitigation and firmware updates to address the issue. We have added a new report to Lansweeper to help you locate vulnerable processors.
AMD EPYC Vulnerability CVE-2024-56161
The vulnerability, tracked as CVE-2024-56161, is described as improper signature verification in the AMD CPU ROM microcode patch loader and has a high CVSS severity rating of 7.2. It would allow an attacker with local administrator privilege to load malicious CPU microcode, which may result in a loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP. You can read the full details about this vulnerability in AMD’s security bulletin.
Update Vulnerable AMD Processors
AMD has provided a mitigation for the issue that requires updating microcode on all impacted platforms. That should prevent an attacker from loading malicious microcode. Some platforms will also require an SEV firmware update to support SEV-SNP attestation. Updating the system BIOS image and rebooting the platform will enable attestation of the mitigation.
You can confirm that the recommended mitigation has been correctly installed by checking whether the microcode version matches the one listed in the table below. For more information, you can refer to AMD’s security bulletin.
| Code Name | Family | CPUID |
| --- | --- | --- |
| Naples | AMD EPYC™ 7001 Series | 0x00800F12 |
| Rome | AMD EPYC™ 7002 Series | 0x00830F10 |
| Milan | AMD EPYC™ 7003 Series | 0x00A00F11 |
| Milan-X | AMD EPYC™ 7003 Series | 0x00A00F12 |
| Genoa | AMD EPYC™ 9004 Series | 0x00A10F11 |
| Genoa-X | AMD EPYC™ 9004 Series | 0x00A10F12 |
| Bergamo/Siena | AMD EPYC™ 9004 Series | 0x00AA0F02 |
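The check described above can be scripted on a Linux host. The following is an added example, not part of the original article or of Lansweeper's report: it rebuilds the CPUID signature from `/proc/cpuinfo`, matches it against the table, and prints the installed microcode revision so it can be compared with the fixed revision in AMD's security bulletin. The function names and the sample data are assumptions made for illustration.

```python
import re
from pathlib import Path

# CPUID signatures from the table above.
AFFECTED = {
    0x00800F12: "Naples", 0x00830F10: "Rome",
    0x00A00F11: "Milan", 0x00A00F12: "Milan-X",
    0x00A10F11: "Genoa", 0x00A10F12: "Genoa-X",
    0x00AA0F02: "Bergamo/Siena",
}

def cpuid_signature(family, model, stepping):
    """Rebuild CPUID leaf 1 EAX from the decoded values Linux reports."""
    base_family = min(family, 0xF)          # families above 15 use the extended field
    ext_family = family - base_family
    return ((ext_family << 20) | ((model >> 4) << 16) | (base_family << 8)
            | ((model & 0xF) << 4) | (stepping & 0xF))

def audit_cpuinfo(text):
    """Return sorted (code name, CPUID, microcode) tuples for affected CPUs."""
    findings = set()
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in block.splitlines():
            key, _, value = line.partition(":")
            fields[key.strip()] = value.strip()
        if fields.get("vendor_id") != "AuthenticAMD":
            continue
        try:
            sig = cpuid_signature(int(fields["cpu family"]),
                                  int(fields["model"]), int(fields["stepping"]))
        except (KeyError, ValueError):
            continue                        # incomplete or non-x86 block
        if sig in AFFECTED:
            # The set keeps one row per distinct revision, so mixed microcode shows up.
            findings.add((AFFECTED[sig], f"0x{sig:08X}",
                          fields.get("microcode", "unknown")))
    return sorted(findings)

# Constructed sample (two logical CPUs); the microcode value is a placeholder.
SAMPLE = "\n\n".join(
    f"processor\t: {n}\nvendor_id\t: AuthenticAMD\ncpu family\t: 25\n"
    "model\t\t: 1\nmodel name\t: AMD EPYC (constructed)\nstepping\t: 1\n"
    "microcode\t: 0xa000000" for n in range(2))

if __name__ == "__main__":
    for name, sig, ucode in audit_cpuinfo(Path("/proc/cpuinfo").read_text()):
        print(f"{name} {sig}: installed microcode {ucode}")
```

More than one line of output for the same CPUID means logical CPUs are running different microcode revisions, which is worth investigating before relying on the mitigation.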
Discover Vulnerable AMD Processors
Our team has created a new audit report to help you locate vulnerable AMD EPYC processors in your network on Windows, Linux, and Mac. This way you have an actionable list of devices that are at risk and still need your intervention. You can get the report via the link below.