CyberSum logo
Back

RMPocalypse: AMD Fixes Critical Flaw in SEV-SNP

Cyber Security News by CyberSum.net
2 sources
AMD has released fixes for a critical vulnerability, dubbed RMPocalypse, which affects its Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). The flaw allows attackers to exploit incomplete protections during the initialization of the Reverse Map Table (RMP), compromising the confidentiality and integrity of virtual machines. Researchers from ETH Zürich discovered that a single memory write to the RMP could enable attackers to access sensitive information and manipulate the virtual machine environment. AMD has assigned the vulnerability the identifier CVE-2025-0033 and has planned fixes for affected chipsets. The flaw impacts various AMD EPYC processors, and companies like Microsoft and Supermicro are working on remediation.

Also Read

Cisco SNMP Vulnerability Exploited in Operation Zero Disco

Cybersecurity researchers at Trend Micro have uncovered an active attack campaign called Operation Zero Disco, which exploits a critical vulnerability in Cisco’s SNMP implementation. The vulnerability, tracked as CVE-2025-20352, allows attackers to execute remote code and deploy sophisticated Linux rootkits on vulnerable network devices. The campaign primarily targets older Cisco switch models, enabling persistent unauthorized access and evasion of detection. Attackers use spoofed IP addresses and MAC email addresses to obscure their activities, and the rootkit installs hooks into the IOSd memory space, creating fileless backdoor components that disappear after system reboots but remain active during normal operation.

By Cyber Security News by CyberSum.net