Full Report
Chipmaker AMD has released fixes to address a security flaw dubbed RMPocalypse that could be exploited to undermine confidential computing guarantees provided by Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). The attack, per ETH Zürich researchers Benedict Schlüter and Shweta Shinde, exploits AMD's incomplete protections that make it possible to perform a single memory
Analysis Summary
# Vulnerability: RMPocalypse Flaw in AMD SEV-SNP Undermines Confidential Computing via RMP Table Corruption
## CVE Details
- CVE ID: CVE-2025-0033
- CVSS Score: 5.9 (Medium by score; the conceptual impact on confidential-computing guarantees is high)
- CWE: Not specified in the source; the flaw relates to improper access control and a race condition during initialization.
## Affected Systems
- Products: AMD EPYC™ Processors utilizing Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP).
- Versions:
  - AMD EPYC™ 7003 Series Processors
  - AMD EPYC™ 8004 Series Processors
  - AMD EPYC™ 9004 Series Processors
  - AMD EPYC™ 9005 Series Processors
  - AMD EPYC™ Embedded 7003 Series Processors
  - AMD EPYC™ Embedded 8004 Series Processors
  - AMD EPYC™ Embedded 9004 Series Processors
  - AMD EPYC™ Embedded 9005 Series Processors
- Configurations: Systems where the AMD Secure Processor (PSP/ASP) initializes the Reverse Map Table (RMP) during SEV-SNP enablement. Exploitable by a malicious hypervisor.
## Vulnerability Description
The vulnerability, dubbed "RMPocalypse," stems from a race condition during the initialization of the Reverse Map Table (RMP) by the AMD Secure Processor (PSP/ASP) when SEV-SNP is enabled. The RMP holds the security metadata on which confidential-VM isolation depends. Because access controls are insufficient during this initialization window, an attacker (specifically, a malicious hypervisor with administrative privileges) can perform a single, precise 8-byte write to the RMP. That write corrupts the security metadata for guest physical addresses (gPAs), breaking the confidentiality and integrity guarantees of SEV-SNP.
## Exploitation
- Status: Demonstrated by the researchers; a **PoC** is implied by the research context rather than cited directly here.
- Complexity: Likely **Medium** to **High**: the attack requires deep architectural knowledge and precise timing within the initialization window, but success yields complete compromise of the confidential VM.
- Attack Vector: **Local** (from the hypervisor context), or **Network** where remote access is first used to obtain hypervisor control.
## Impact
- Confidentiality: **High** (Exfiltration of all secrets from CVMs possible).
- Integrity: **High** (Arbitrary tampering with CVM execution, attestation forgeries, injecting foreign code).
- Availability: **Medium** (Potential for service disruption, though the primary goal is secrecy and control).
## Remediation
### Patches
- AMD is planning fixes for the Embedded 7003/9005 series processors for release in **November 2025**.
- For the other affected EPYC series, remediation is expected to ship as processor microcode and/or platform firmware updates from the vendor; motherboard/platform fixes require a BIOS/UEFI update (Supermicro, for example, requires a BIOS update).
- Microsoft is working on remediation for Azure Confidential Computing (ACC) AMD-based clusters.
### Workarounds
- Run sensitive workloads outside SEV-SNP environments until patches are applied.
- Where possible, restrict hypervisor-level access to trusted operators only. This is a compensating control, not a fix: SEV-SNP exists precisely to protect guests from an untrusted hypervisor.
## Detection
- **Indicators of Compromise:** Unexpected process behavior or memory read/write errors inside protected VMs; attestation reports that verify successfully for a guest whose state should have caused verification to fail.
- **Detection Methods and Tools:** Monitor hypervisor initialization routines for anomalous RMP access patterns. Observing PSP/ASP interactions during the boot phase may require deep hardware-level monitoring tools.
## References
- Vendor Advisory (AMD)
- Microsoft Security Response Center (MSRC) Advisory for CVE-2025-0033
- Supermicro Security Advisory for AMD SB-3020
- Research Material Link (Defanged): hxxps://rmpocalypse.github.io/
- ETH Zurich News Link (Defanged): hxxps://ethz.ch/en/news-and-events/eth-news/news/2025/10/eth-researchers-uncover-vulnerability-in-confidential-cloud-environments.html