Researchers from the CISPA Helmholtz Center for Information Security [1], Graz University of Technology [1], and independent researcher Youheng Lu have discovered a vulnerability in AMD CPUs called “CacheWarp.” This vulnerability affects first- through third-generation EPYC processors, including the Naples, Rome [2], and Milan product lines [2]. CacheWarp exploits weaknesses in AMD’s Secure Encrypted Virtualization (SEV) technology, specifically the SEV-ES and SEV-SNP implementations [2].


CacheWarp utilizes a software-based fault injection technique to manipulate the cache memory behavior in a virtual machine (VM) protected by SEV [2]. This allows undetected fault injection and bypassing of integrity verification mechanisms [2], enabling attackers to gain escalated privileges or perform remote code execution in cloud environments [3]. As a result, systems relying on encrypted virtualization for protection are at risk [2].

AMD has taken steps to address this vulnerability. They have released an update for third-generation EPYC Milan processors [2], including a microcode patch and updated firmware [1] [2], to mitigate the issue without impacting system performance [2]. However, no countermeasures are currently available for the first and second generations of EPYC processors due to limitations in the SEV and SEV-ES features and the absence of SEV-SNP on these older architectures. The delay in releasing the patch for the affected processors was due to standard practice in coordinated vulnerability disclosure.


The vulnerability, tracked as CVE-2023-20592 [1], allows attackers to gain access to encrypted virtual machines (VMs) and escalate privileges [1]. It was discovered by the aforementioned researchers. The attack method involves exploiting a potential vulnerability with the INVD instruction that could compromise memory integrity for SEV-ES and SEV-SNP guest VMs [1]. AMD has provided a microcode update, along with a hot-loadable microcode patch and updated firmware image for AMD 3rd generation EPYC processors [1], to address this vulnerability [1]. The patch should not impact performance [1].