BadRAM: $10 hack unlocks AMD encrypted memory
Cybersecurity researchers have identified a vulnerability (CVE-2024-21944, aka BadRAM) affecting AMD processors that can be triggered by rogue memory modules to unlock the chips’ encrypted memory.
The SPD chip can be modified using an off-the-shelf microcontroller. The researchers used a Raspberry Pi Pico, for a cost of around $10.
“We found that tampering with the embedded SPD chip on commercial DRAM modules allows attackers to bypass AMD’s Secure Encrypted Virtualization (SEV) protections — including AMD’s latest SEV-SNP version. For less than $10 in off-the-shelf equipment, we can trick the processor into allowing access to encrypted memory. We build on this BadRAM attack primitive to completely compromise the AMD SEV ecosystem, faking remote attestation reports and inserting backdoors into any SEV-protected VM,” the researchers explained.
This vulnerability primarily impacts systems relying on SEV technology, commonly used in cloud computing environments, to provide isolation and encryption for virtual machines. Cloud service providers, enterprises hosting sensitive workloads, and organizations deploying SEV-enabled infrastructures are at risk.
To mitigate the BadRAM vulnerability, AMD has issued firmware updates to securely validate memory configurations during the processor’s boot process. AMD tracks the vulnerability under AMD-SB-3015.
For regular users, the risk is minimal if they do not allow physical access to their hardware. However, keeping systems updated with the latest firmware is always recommended. Most cloud providers have implemented AMD’s firmware updates with the necessary countermeasures.
The study was conducted by a team of experts from KU Leuven, the University of Lübeck, and the University of Birmingham. You can watch a demo of the attack here, and you can access the research paper and additional resources on GitHub.