AMD disclosed two exploits targeting the Secure Encrypted Virtualization (SEV) feature used by its first-, second-, and third-gen EPYC processors ahead of their presentation at the 15th IEEE Workshop on Offensive Technologies (WOOT’21).
The first exploit, CVE-2020-12967, is set to be presented in a paper from researchers at Fraunhofer AISEC and the Technical University of Munich titled “SEVerity: Code Injection Attacks against Encrypted Virtual Machines.”