Tech News

AMD ‘Zenbleed’ exploit can leak passwords and encryption keys from Ryzen CPUs

AMD is rolling out patches for at-risk CPUs, though these updates may impact system performance. | Illustration: Beatrice Sala

A new vulnerability impacting AMD’s line of Zen 2 processors — which includes popular CPUs like the budget-friendly Ryzen 5 3600 — has been discovered that can be exploited to steal sensitive data like passwords and encryption keys. Google security researcher Tavis Ormandy disclosed the “Zenbleed” bug (filed as CVE-2023-20593) on his blog this week after first reporting the vulnerability to AMD on May 15th.

The entire Zen 2 product stack is impacted by the vulnerability, including all processors within the AMD Ryzen 3000 / 4000 / 5000 / 7020 series, the Ryzen Pro 3000 / 4000 series, and AMD’s EPYC “Rome” data center processors. AMD has since published its anticipated release timeline for patching out the exploit, with most firmware…

Continue reading…

You may also like