CVE-2025-0033

The RMPocalypse attack fundamentally undermines the security guarantees provided by AMD's Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). This vulnerability is rooted in a flaw during the initialization phase of the system's Reverse Map Table (RMP), which is crucial for protecting memory integrity in an environment where sensitive data is processed. The issue, detailed in research presented at a 2025 cybersecurity conference, allows malicious hypervisors to corrupt the RMP and consequently tamper with encrypted virtual machines, jeopardizing data confidentiality escalated in major cloud service infrastructures like AWS, Azure, and Google Cloud.

The exploit particularly targets processors from AMD's Zen architecture, including EPYC server chips, which are extensively deployed in production environments. As the researchers pointed out, the ARM-based Platform Security Processor (PSP) responsible for setting up security measures has crucial flaws during the RMP initialization process. These gaps can be leveraged by attackers to overwrite critical data structures with arbitrary values. The implications are dire: once the RMP is compromised, attackers may forge attestation reports, manipulate virtual machine access, and even engage in rollback attacks that further threaten confidential workloads. With no immediate patches available, the urgency for both awareness and fixes from AMD is exceedingly pressing, especially for cloud tenants relying on these processors for confidential computing.

How can organizations utilize this information to better secure their cloud environments against emerging threats?

Learn More: Cyber Security News

👉 Subscribe to /r/PwnHub