Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Battering RAM interposer attack breaks Intel SGX and AMD SEV-SNP confidential computing

Technical Analysis
First reported
Last updated
Happening score
H score 16
1 unique sources, 1 articles

Summary

Hide ▲

Researchers demonstrated Battering RAM, a $50 interposer attack that can bypass Intel SGX and AMD SEV-SNP, undermining confidential-computing protections for cloud-sensitive workloads. The technique exploits a low-cost hardware insert in the memory path to capture and replay encrypted data after boot. Because the attack can also defeat SEV-SNP attestation, it weakens trust in platforms that rely on hardware memory encryption for isolation.

Related Happenings

AMD StackWarp SEV-SNP bypass (CVE-2025-29943)

Vulnerability
First: 19.01.2026 13:31 Last: 19.01.2026 13:31 Sources 1

About this happening: **StackWarp** is a **CVE-2025-29943** hardware vulnerability in **AMD Zen 1 through Zen 5** CPUs that can bypass **SEV-SNP** protections and expose confidential VM workloads. The...

Open Happening

Microsoft BitLocker hardware-accelerated rollout in Windows 11

Security Tool/Service
First: 23.12.2025 22:03 Last: 23.12.2025 22:03 Sources 1

About this happening: Microsoft is rolling out **hardware-accelerated BitLocker** in **Windows 11**, improving **encryption performance** and **key protection** on supported devices. The new mode offlo...

Open Happening

AMD security patch release for CVE-2025-0033

Security Patch Release
First: 14.10.2025 13:52 Last: 14.10.2025 13:52 Sources 1

About this happening: **AMD** sent **BIOS-update patches** to **OEMs** for **EPYC** and **EPYC Embedded** processors after identifying **CVE-2025-0033**. The fix is meant to address a **SEV-SNP** memor...

Open Happening

AMD SEV-SNP RMP initialization race condition remote code execution flaw (CVE-2025-0033)

Vulnerability
First: 14.10.2025 13:52 Last: 14.10.2025 13:52 Sources 1

About this happening: **CVE-2025-0033** exposes a **race condition** in **AMD SEV-SNP** RMP initialization that can let a **malicious hypervisor** corrupt protected memory mappings and break guest **co...

Open Happening

WireTap memory-bus interposer analysis breaks Intel SGX attestation on DDR4 systems

Technical Analysis
First: 01.10.2025 20:20 Last: 01.10.2025 20:20 Sources 1

About this happening: Researchers demonstrated **WireTap**, a **memory-bus interposer** attack that can extract **Intel SGX attestation keys** on **DDR4 systems**, undermining enclave confidentiality a...

Open Happening

Timeline

  1. 01.10.2025 17:54 1 articles · 7mo ago

    Intel and AMD issue Battering RAM advisories

    Mitigation Patch Update

    Intel and AMD issue separate advisories on Battering RAM, saying physical DRAM attacks are out of scope for current products and that they will not change processor technology to mitigate the exploit. Intel says the cryptographic integrity protection mode of Intel Total Memory Encryption-Multi-Key (Intel TME-MK) can provide additional protection against alias-based attacks on supported Xeon platforms, while AMD says the reported exploit falls outside the published threat model for SEV-SNP.

    Show sources
    Open in new tab
  2. 01.10.2025 17:54 2 articles · 7mo ago

    Researchers disclose $50 Battering RAM interposer attack

    Initial Disclosure

    Researchers at KU Leuven and the University of Birmingham/Durham University disclose Battering RAM, a $50 custom DRAM interposer that sits in the memory path, dynamically rewrites address metadata, and captures and replays encrypted memory to bypass Intel SGX and AMD SEV-SNP on cloud systems. The technique can also break AMD SEV-SNP attestation, turn protected addresses toward attacker-controlled locations, and convert brief physical access into plaintext access or arbitrary writes inside confidential workloads.

    Show sources
    Open in new tab