- CISPA researchers discover AMD processor “StackWarp” flaw that breaks VM confidential protections
- Vulnerability Allows RCE, Privilege Elevation, and Private Key Theft in Zen CPUs
- AMD has released a patch (CVE-2025-29943), deemed low severity, requiring host-level access to exploit it.
A recently discovered vulnerability in AMD chips allows malicious actors to perform remote code execution (RCE) and privilege escalation in virtual machines.
Cybersecurity researchers at the CISPA Helmholtz Center for Information Security in Germany detailed a vulnerability they named StackWarp, a hardware vulnerability in AMD processors that breaks the protections of confidential virtual machines, by manipulating how the processor tracks the stack and allowing a malicious insider or hypervisor to modify the program flow or read sensitive data inside a protected VM.
As a result, malicious actors can retrieve private keys and execute code with elevated privileges, even if the VM’s memory was supposed to be secure.
Silver lining
StackWarp is said to impact AMD Zen, 1 through 5 processors, with researchers demonstrating the impact in multiple scenarios. In one case, they were able to reconstruct an RSE-2048 private key, while in another they bypassed OpenSSH password authentication.
The positive takeaway from the report is the fact that the threat actor first needs privileged control over the host server running the virtual machines. This means the vulnerability can be exploited either by malicious insiders, cloud providers, or highly sophisticated threat actors with prior access.
This significantly reduces the number of potential attackers, but it still shows how AMD’s SEV-SNP, designed to encrypt virtual machine memory, can be weakened and compromised.
“These results demonstrate that the execution integrity of CVMs – the very defense that SEV-SNP aims to provide – can be effectively broken: confidential keys and passwords can be stolen, attackers can impersonate legitimate users or take persistent control of the system, and the isolation between guest virtual machines and the host or other virtual machines can no longer be reliable,” the report states.
AMD acknowledged the findings and released a patch, which the bug has now tracked as CVE-2025-29943 and received a low severity score (3.2/10).
Via The register
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
