AMD has disclosed a high-severity vulnerability (CVE-2024-56161) in its Secure Encrypted Virtualization (SEV) technology, which could allow attackers with administrative privileges to inject malicious CPU microcode.
This flaw compromises the confidentiality and integrity of virtual machines (VMs) protected by SEV-SNP, a security feature designed to safeguard sensitive workloads in virtualized environments.
https://cybersecuritynews.com/amd-sev-v ... injection/