TEE.Fail Attack Exposes Secrets from Trusted Execution Environments

Cyber Security News by CyberSum.net

Published on October 29, 2025 at 09:00 AM

2 sources

Researchers developed TEE.Fail, a side-channel attack targeting trusted execution environments (TEEs) in CPUs like Intel's SGX and AMD's SEV-SNP. Using off-the-shelf equipment costing under $1,000, the attack extracts cryptographic keys by interposing on DDR5 memory traffic. The study highlights vulnerabilities in deterministic AES-XTS encryption and demonstrates key extraction from confidential virtual machines. While Intel and AMD acknowledge the findings, they consider physical attacks out of scope for mitigation.

Also Read

Cyber Espionage Campaign Targets Diplomats with PlugX Malware

A threat actor known as UNC6384 has been targeting diplomatic entities in a cyber-espionage campaign since September. The group exploits a high-severity Windows vulnerability and uses refined social engineering tactics. The attack starts with spear-phishing emails leading to malicious LNK files, which ultimately deploy the PlugX remote access Trojan (RAT). The campaign is expanding across the diplomatic community and government agencies in various regions. Mitigation measures include reviewing and blocking command-and-control infrastructures and conducting security awareness training.

By Cyber Security News by CyberSum.netNovember 1, 2025 at 03:00 AM