Severe Security Advisory

on AMD Processors

What happened?

13 Critical Security Vulnerabilities and Manufacturer Backdoors discovered throughout AMD Ryzen & EPYC product lines.

Am I affected?

Any consumer or organization purchasing AMD Servers, Workstations, or Laptops are affected by these vulnerabilities.

What is this site for?

This site is to inform the public about the vulnerabilities and call upon AMD and the security community to fix the vulnerable products.

This site is maintained by CTS-Labs. By accessing the contents of this website, you confirm that you have read our full disclaimer.

4 Classes of Vulnerabilities


Affected Product Lines

Affected Chips

AMD Secure Processor
Critical Security Vulnerabilities in the AMD Secure Processor

AMD Secure Processor, responsible for maintaining security within EPYC and Ryzen processors, is currently being shipped with critical security vulnerabilities allowing malicious actors to install malware inside the chip.

The vulnerabilities may allow malicious actors to proliferate through corporate networks using stolen network credentials, by allowing Microsoft Windows Credential Guard to be bypassed.

Secure Encrypted Virtualization, a key feature that AMD advertises to cloud providers, could be defeated as soon as attackers obtain malicious code execution on the EPYC Secure Processor.

A malicious actor can gain full access to the compromised system, its physical memory, peripherals and to the secrets stored inside (fTPM).

Attackers could execute malicious code on the EPYC Secure Processor.

AMD Ryzen Chipset
Outsourced Chip Design Contains Backdoors

The chipset is a central component on Ryzen and Ryzen Pro workstations: it links the processor with hardware devices such as WiFi and network cards, making it an ideal target for malicious actors.

The Ryzen chipset is currently being shipped with exploitable backdoors that could let attackers inject malicious code into the chip, providing them with a safe haven to operate from.

AMD’s outsource partner, ASMedia, is a subsidiary of ASUSTeK Computer, a company with poor security track record that has been penalized by the Federal Trade Commission for neglecting security vulnerabilities, and must now undergo independent security audits for the next 20 years.

The Chipset backdoors exist on virtually all Ryzen and Ryzen Pro workstations on the market today.

USB, SATA, PCI-E, and network traffic may flow through the chipset. Malware could leverage this position of power.

Vulnerabilities Map

Ryzen Workstation
Ryzen Pro
Ryzen Mobile
EPYC Server


























Total Products Affected (Successfully Exploited)


Total Products Affected (Probably Vulnerable)


Successfully Exploited
Probably Vulnerable

The Vulnerabilities


RYZENFALL allows malicious code to take complete control over the AMD Secure Processor.

Secure Processor privileges could be leveraged to read and write protected memory areas, such as SMRAM and the Windows Credential Guard isolated memory.

Attackers could use RYZENFALL to bypass Windows Credential Guard, steal network credentials, and then potentially spread through even highly secure Windows corporate networks.

Attackers could use RYZENFALL in conjunction with MASTERKEY to install persistent malware on the Secure Processor, exposing customers to the risk of covert and long-term industrial espionage.


The vulnerabilities allow attackers to read from and write to protected memory areas, such as SMRAM and Windows Credential Guard isolated memory (VTL-1).

An attacker could leverage these vulnerabilities to steal network credentials protected by Windows Credential Guard.

An attacker could leverage these vulnerabilities to bypass BIOS flashing protections that are implemented in SMM.


Two sets of manufacturer backdoors discovered: One implemented in firmware, the other in hardware (ASIC). The backdoors allow malicious code to be injected into the AMD Ryzen chipset.

The chipset links the CPU to USB, SATA, and PCI-E devices. Network, WiFi and Bluetooth traffic often flows through the chipset as well. An attacker could leverage the chipset’s middleman position to launch sophisticated attacks.

Chipset-based malware could evade virtually all endpoint security solutions on the market.

Malware running on the chipset could leverage the latter’s Direct Memory Access (DMA) engine to attack the operating system. This kind of attack has been demonstrated.


Multiple vulnerabilities in AMD Secure Processor firmware allow attackers to infiltrate the Secure Processor.

Enables stealthy and persistent malware, resilient against virtually all security solutions on the market.

Allows tampering with AMD’s firmware-based security features such as Secure Encrypted Virtualization (SEV) and Firmware Trusted Platform Module (fTPM).

Facilitates network credential theft by allowing Windows Credential Guard to be bypassed.

Physical damage and bricking of hardware. Could be used by attackers in hardware-based "ransomware" scenarios.

Questions & Answers

Is my organization currently at risk?

If you have an AMD Ryzen, Ryzen Pro, Ryzen Mobile or EPYC machine on your network, and that machine is compromised, your network is at risk.

How long before a fix is available?

We don't know. CTS has been in touch with industry experts to try and answer this question. According to experts, firmware vulnerabilities such as MASTERKEY, RYZENFALL and FALLOUT take several months to fix. Hardware vulnerabilities such as CHIMERA cannot be fixed and require a workaround. Producing a workaround may be difficult and cause undesired side-effects.

Are these vulnerabilities currently being exploited in the wild?

We don't know, but we are concerned about CHIMERA. Similar vulnerabilities in other ASMedia products have been known in hardware hacking circles for several years.

Why are you doing this?

To bring these issues to public attention, and to warn users and organizations. In particular, we urge the community to pay closer attention to the security of AMD devices before allowing them on mission-critical systems that could potentially put lives at risk.

Doesn't this publication put users at risk?

No. All technical details that could be used to reproduce the vulnerabilities have been redacted from this publication. CTS has shared this information with AMD, Microsoft, and a small number of companies that could produce patches and mitigations.

Can I use materials from this site?

Yes, we give permission to anyone to download and publish the materials with credit to CTS-Labs.

What can I do?

Contact AMD and ask for a prompt solution. We will update this website as fixes and mitigations become available.

If you wish to learn more about the vulnerabilities and the research, you can download our whitepaper

Existing Solutions

Solutions and mitigation by AMD and third party providers

Security Company


Affected Vulnerabilities


Validated By CTS-Labs

If you have created a workaround for a specific problem, please contact us at, and we will post it here.


This website is intended for general information purposes.  This website does not offer the reader any recommendations or professional advice.  It summarizes security vulnerabilities, but purposefully does not provide a complete description.  CTS is a research organization.  The other organizations named in this website have not confirmed the accuracy or determined the adequacy of its contents.  The opinions and information in this website are solely that of CTS’s personnel. Do not attempt to exploit or otherwise take advantage of the security vulnerabilities described in the website.  You may republish this website in whole or in part as long as CTS is clearly and visibly credited and appropriately cited, and as long as you do not edit contents.  Although this website is designed to provide accurate and authoritative information, CTS and its personnel do not accept responsibility for errors or omissions.  CTS reserves the right to change the contents of this website and the restrictions on its use and CTS reserves the right to refrain from updating this website even as it becomes outdated or inaccurate.


Company website:
General Inquiry:
Solutions / Workarounds:
Media Inquiries - Jessica Schaefer, BevelPR: