Researchers say they’ve discovered serious potential vulnerabilities within AMD’s Ryzen and Epyc chip architectures, which have now been confirmed by two independent firms. AMD said it’s taking the reports seriously, though it wasn’t provided sufficient time to investigate or confirm them before their disclosure.
CTS-Labs, a security research company which says it specializes in vulnerabilities within ASICs and other chips, has said it’s discovered four potential attacks, code-named Masterkey, Ryzenfall, Fallout, and Chimera. All would require a program running with local access and administrator privileges to exploit them. CTS published a clarification paper on March 16 with more technical details, including a claim that an attacker does not need physical access to the machine and that the vulnerabilities were more relevant to enterprise customers, not PC users.