CVSS3

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | LOW |
Privileges Required | LOW |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | HIGH |
Integrity Impact | NONE |
Availability Impact | NONE |

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS Percentile: 29.2%

**Bulletin ID:** AMD-SB-3004 **Potential Impact:** Information disclosure **Severity:** Low
Researchers have reported a potential power side-channel attack using the Running Average Power Limit (RAPL) interface on AMD SEV VMs.
The researchers focused only on the first generation of AMD SEV technology. They state that they did not experiment on SEV-ES or SEV-SNP (subsequent SEV generations) because of their own equipment limitations and because of security enhancements in those generations, such as the encrypted VMSA, which is designed to provide some security measures against the type of attack reported in their paper.
In our analysis, the reported attack does not seem to be particularly novel, as it uses the same technique as the Platypus attack from 2020. One difference from the Platypus attack is that this reported attack is used against an AMD SEV virtual machine. As measured by our CVSS scoring, this is a low severity issue.
Data Center
1st Gen AMD EPYC™ Processors
2nd Gen AMD EPYC™ Processors
3rd Gen AMD EPYC™ Processors
4th Gen AMD EPYC™ Processors
CVE | Severity | CVE Description |
---|---|---|
CVE-2023-20575 | Low | A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM potentially resulting in a leak of sensitive information. |
AMD recommends that software developers employ existing best practices, including constant-time algorithms and power side-channel resistant algorithms, and avoid secret-dependent control flows where appropriate, to help mitigate this potential vulnerability.
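
What "avoid secret-dependent control flows" means in practice, shown on square-and-multiply modular exponentiation. This is an added example, not code from the AMD bulletin or the researchers' paper; the function names and the 32-bit toy modulus are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumes 0 < m < 2^32, so the product fits in 64 bits. */
static uint32_t mulmod(uint32_t a, uint32_t b, uint32_t m) {
    return (uint32_t)(((uint64_t)a * b) % m);
}

/* BEFORE: the extra multiply runs only for 1-bits of the secret exponent,
 * so the work done (and energy drawn) per iteration follows the key. */
uint32_t modexp_branchy(uint32_t base, uint32_t secret_exp, uint32_t m) {
    uint32_t result = 1 % m;
    base %= m;
    for (int i = 31; i >= 0; i--) {
        result = mulmod(result, result, m);
        if ((secret_exp >> i) & 1)            /* secret-dependent branch */
            result = mulmod(result, base, m);
    }
    return result;
}

/* Returns a when bit == 1 and b when bit == 0, with no branch in the source. */
static uint32_t ct_select(uint32_t bit, uint32_t a, uint32_t b) {
    uint32_t mask = (uint32_t)0 - bit;        /* 0xFFFFFFFF or 0x00000000 */
    return (a & mask) | (b & ~mask);
}

/* AFTER: square and multiply on every iteration, then keep or discard the
 * product with a mask, so control flow no longer depends on the exponent. */
uint32_t modexp_ct(uint32_t base, uint32_t secret_exp, uint32_t m) {
    uint32_t result = 1 % m;
    base %= m;
    for (int i = 31; i >= 0; i--) {
        uint32_t bit = (secret_exp >> i) & 1;
        result = mulmod(result, result, m);
        uint32_t multiplied = mulmod(result, base, m);
        result = ct_select(bit, multiplied, result);
    }
    return result;
}

int main(void) {
    /* Constructed sample values: 4^13 mod 497 = 445 */
    printf("%u %u\n", (unsigned)modexp_branchy(4, 13, 497),
           (unsigned)modexp_ct(4, 13, 497));
    return 0;
}
```

This removes only the control-flow dependence: operand values and the `%` reduction can still be data-dependent, and a compiler may reintroduce a branch, so production code should rely on a vetted constant-time library and the generated assembly should be checked.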