Backdoor Vulnerability in AMD Ryzen Chipsets Exposed
CVE-2018-8935

9CRITICAL

Key Information:

Vendor

Amd
Status
Ryzen Pro Firmware
Vendor
CVE Published:
22 March 2018

What is CVE-2018-8935?

The Promontory chipset utilized in AMD Ryzen and Ryzen Pro platforms features a backdoor within its ASIC architecture, known as CHIMERA-HW. This security flaw poses risks to the integrity and confidentiality of systems using these chipsets, potentially allowing unauthorized access or control. It highlights the need for robust security measures and proactive management of hardware vulnerabilities. Users are advised to stay informed about possible impacts and apply necessary patches to mitigate risks.

References

https://amdflaws.com/
x_refsource_MISC
https://blog.trailofbits.com/2018/03/15/amd-flaws-technic...
x_refsource_MISC
https://community.amd.com/community/amd-corporate/blog/20...
x_refsource_MISC

CVSS V3.1

Score:
9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2018-8935 : Backdoor Vulnerability in AMD Ryzen Chipsets Exposed