A team from ETH Zurich have discovered a new type of attack that can be used to compromise confidential virtual machines (CVMs) by injecting malicious hypervisors to bypass authentication and gain root access.
The attack targets hardware-based trusted execution environments, specifically AMD’s Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) and Intel’s Trust Domain Extensions (TDX) technologies. The researchers notified Intel, AMD, AWS, Microsoft, and Google before disclosing their findings.
Read More: Confidential VMs Hacked via New Ahoi Attacks
Check Out The New ITsecuritywire Podcast. For more such updates follow us on Google News ITsecuritywire News.
