A vulnerability in AMD CPUs has been uncovered, enabling attackers with administrative privileges to bypass microcode signature verification and execute malicious code.
Designated as CVE-2024-36347 (CVSS score: 6.4, Medium), the flaw impacts multiple generations of AMD EPYC™ server processors and select consumer Ryzen™ chips.
Vulnerability Overview
Google researchers identified a weakness in AMD’s microcode patch verification algorithm, allowing attackers to falsify signatures and load unauthorized updates.
This could compromise the integrity of x86 instruction execution, expose privileged data, and even hijack the System Management Mode (SMM) environment—a high-privilege layer used for firmware operations.
AMD confirmed the flaw stems from an “improper signature verification” in the CPU’s ROM loader but emphasized no active exploits have been observed. The company is collaborating with OEMs to release firmware updates.
Affected Products
The vulnerability impacts the following AMD EPYC™ and Ryzen™ processors:
| Code Name | Product Family | CPUID |
| --- | --- | --- |
| Naples | EPYC™ 7000 Series | 0x00800F12 |
| Rome | EPYC™ 7002 Series | 0x00830F10 |
| Milan/Milan-X | EPYC™ 7003 Series | 0x00A00F11/12 |
| Genoa/Genoa-X | EPYC™ 9004 Series | 0x00A10F11/12 |
| Bergamo/Siena | EPYC™ 9004 Series | 0x00AA0F02 |
| Raphael | Ryzen™ Embedded 4004 Series | 0x00A60F12 |
| Turin | EPYC™ 9005 Series (Upcoming) | 0x00B00F21 |
Mitigation and Firmware Updates
AMD has released Platform Initialization (PI) firmware patches to address the flaw. System administrators must update their BIOS via OEM providers to a release that carries at least the PI and microcode versions below:
- EPYC™ 7000 Series (Naples): PI version 1.0.0.P1 (Microcode: 0x08001278)
- EPYC™ 7002 Series (Rome): PI version 1.0.0.L1 (Microcode: 0x0830107D)
- EPYC™ 7003 Series (Milan): PI version 1.0.0.F2 (Microcode: 0x0A0011DB/0A001244)
- EPYC™ 9004 Series (Genoa): PI version 1.0.0.E3 (Microcode: 0x0A101154/0A10124F/0AA00219)
After the update, hot-loading microcode patches is blocked on older BIOS versions: systems running MilanPI below 1.0.0.F or GenoaPI below 1.0.0.E will raise a #GP fault during hot-load attempts.
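To audit a Linux host against the CPUID and minimum microcode values listed above, the following added example (not AMD's code and not part of the original article) rebuilds the CPUID signature from /proc/cpuinfo fields and compares the running microcode revision with the listed minimum. The pairing of each minimum revision with a specific stepping, the verdict names, and the sample cpuinfo text are assumptions constructed for this example.

```python
import re

# Minimum fixed microcode revision per CPUID, from the article's lists. Pairing
# each revision with a stepping by its leading hex digits is this example's
# assumption; the article does not spell the pairing out.
MIN_UCODE = {
    0x00800F12: 0x08001278,  # Naples
    0x00830F10: 0x0830107D,  # Rome
    0x00A00F11: 0x0A0011DB, 0x00A00F12: 0x0A001244,  # Milan / Milan-X
    0x00A10F11: 0x0A101154, 0x00A10F12: 0x0A10124F,  # Genoa / Genoa-X
    0x00AA0F02: 0x0AA00219,  # Bergamo/Siena
}
# Listed as affected, but the article gives no minimum revision for these.
NO_MINIMUM_LISTED = {0x00A60F12, 0x00B00F21}  # Raphael, Turin

# Constructed sample of one /proc/cpuinfo entry (not captured from a real host).
SAMPLE = (
    "processor\t: 0\nvendor_id\t: AuthenticAMD\ncpu family\t: 25\n"
    "model\t\t: 1\nmodel name\t: AMD EPYC (constructed sample)\n"
    "stepping\t: 1\nmicrocode\t: 0xa0011d5\n"
)

def cpuid_signature(family, model, stepping):
    """Rebuild CPUID Fn0000_0001 EAX from the decoded /proc/cpuinfo fields."""
    base_family = min(family, 0xF)
    ext_family = family - base_family
    return ((ext_family << 20) | ((model >> 4) << 16) | (base_family << 8)
            | ((model & 0xF) << 4) | stepping)

def audit(cpuinfo_text):
    """Return (cpuid, microcode, verdict) for the first CPU entry in the text."""
    block = cpuinfo_text.strip().split("\n\n")[0]
    f = dict(re.findall(r"^(.+?)[ \t]*:[ \t]*(.*)$", block, re.M))
    if f.get("vendor_id") != "AuthenticAMD":
        return None, None, "not-amd"
    sig = cpuid_signature(int(f["cpu family"]), int(f["model"]), int(f["stepping"]))
    ucode = int(f["microcode"], 16)
    if sig in MIN_UCODE:
        verdict = "meets-minimum" if ucode >= MIN_UCODE[sig] else "below-minimum"
    elif sig in NO_MINIMUM_LISTED:
        verdict = "affected-no-minimum-listed"
    else:
        verdict = "not-listed"
    return sig, ucode, verdict

if __name__ == "__main__":
    sig, ucode, verdict = audit(SAMPLE)
    print(f"CPUID {sig:#010x} microcode {ucode:#010x}: {verdict}")
```

On a live host, pass the contents of /proc/cpuinfo to `audit()`; a `below-minimum` verdict means the running microcode is older than the revision listed for that part.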
Recommendations
- Contact OEMs Immediately: Reach out to hardware vendors for BIOS updates tailored to your system.
- Audit Privileged Access: Limit administrative privileges to minimize exploitation risk.
- Monitor Firmware Updates: AMD advises against hot-loading microcode until PI versions are fully deployed.
While the flaw poses significant risks, AMD’s proactive patches and collaboration with researchers highlight a swift response. Enterprises and data centers should prioritize updates to safeguard against potential privilege escalation attacks.