Battering RAM Attack Bypasses Intel and AMD Cloud Security Protections
Summary
Hide ▲
Show ▼
A group of academics from KU Leuven and the University of Birmingham have demonstrated a new vulnerability called Battering RAM. This vulnerability bypasses the latest defenses on Intel and AMD cloud processors, compromising Intel's Software Guard Extensions (SGX) and AMD's Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). The attack leverages a custom-built, low-cost DDR4 interposer hardware hack to stealthily redirect physical addresses and gain unauthorized access to protected memory regions. The vulnerability affects systems using DDR4 memory, particularly those relying on confidential computing workloads in public cloud environments. Successful exploitation can allow a rogue cloud infrastructure provider or insider with limited physical access to compromise remote attestation and enable the insertion of arbitrary backdoors into protected workloads. The vulnerability was reported to the vendors earlier this year, but defending against Battering RAM would require a fundamental redesign of memory encryption itself.
Timeline
-
30.09.2025 21:42 1 articles · 5h ago
Battering RAM Attack Bypasses Intel and AMD Cloud Security Protections
A group of academics from KU Leuven and the University of Birmingham demonstrated a new vulnerability called Battering RAM. This vulnerability bypasses the latest defenses on Intel and AMD cloud processors, compromising Intel's Software Guard Extensions (SGX) and AMD's Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). The attack leverages a custom-built, low-cost DDR4 interposer hardware hack to stealthily redirect physical addresses and gain unauthorized access to protected memory regions. The vulnerability affects systems using DDR4 memory, particularly those relying on confidential computing workloads in public cloud environments. Successful exploitation can allow a rogue cloud infrastructure provider or insider with limited physical access to compromise remote attestation and enable the insertion of arbitrary backdoors into protected workloads. The vulnerability was reported to the vendors earlier this year, but defending against Battering RAM would require a fundamental redesign of memory encryption itself.
Show sources
- $50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections — thehackernews.com — 30.09.2025 21:42
Information Snippets
-
Battering RAM is a new vulnerability that bypasses Intel's SGX and AMD's SEV-SNP hardware security features.
First reported: 30.09.2025 21:421 source, 1 articleShow sources
- $50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections — thehackernews.com — 30.09.2025 21:42
-
The attack uses a custom-built, low-cost DDR4 interposer to redirect physical addresses and gain unauthorized access to protected memory regions.
First reported: 30.09.2025 21:421 source, 1 articleShow sources
- $50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections — thehackernews.com — 30.09.2025 21:42
-
The vulnerability affects systems using DDR4 memory, particularly those relying on confidential computing workloads in public cloud environments.
First reported: 30.09.2025 21:421 source, 1 articleShow sources
- $50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections — thehackernews.com — 30.09.2025 21:42
-
Successful exploitation can allow a rogue cloud infrastructure provider or insider with limited physical access to compromise remote attestation and enable the insertion of arbitrary backdoors into protected workloads.
First reported: 30.09.2025 21:421 source, 1 articleShow sources
- $50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections — thehackernews.com — 30.09.2025 21:42
-
The vulnerability was reported to the vendors earlier this year, but defending against Battering RAM would require a fundamental redesign of memory encryption.
First reported: 30.09.2025 21:421 source, 1 articleShow sources
- $50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections — thehackernews.com — 30.09.2025 21:42