Improper Access Control in AMD SEV-SNP Product by AMD
CVE-2025-0033

6MEDIUM

Key Information:

Vendor

Amd
Status
Amd Epyc™ 7003 Series Processors (formerly Codenamed "milan")
Amd Epyc™ 9005 Series Processors (formerly Codenamed "turin")
Vendor
CVE Published:
14 October 2025

Badges

đź“° News Worthy

What is CVE-2025-0033?

An improper access control vulnerability in AMD's SEV-SNP technology could enable an attacker with administrative privileges to write to the Read Memory Protection (RMP) during the Secure Nested Paging (SNP) initialization process. This could potentially compromise the integrity of the SEV-SNP guest memory, allowing unauthorized manipulation of memory resources.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

AMD EPYC™ 7003 Series Processors (formerly codenamed "Milan") MilanPI 1.0.0.H

AMD EPYC™ 9005 Series Processors (formerly codenamed "Turin") TurinPI 1.0.0.6

News Articles

favicon imageThe Hacker News

RMPocalypse: Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential Computing

AMD patches CVE-2025-0033 “RMPocalypse,” a flaw allowing full SEV-SNP VM compromise via RMP overwrite.

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:
6
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • đź“°

    First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability Reserved

JSON
.