DigiNews

Summary

Fabricked presents a software-only attack against AMD SEV-SNP by misconfiguring Infinity Fabric to redirect memory transactions, fooling the secure co-processor during SEV-SNP initialization and potentially granting arbitrary access to CVM memory. The vulnerability relies on untrusted UEFI and configurable Infinity Fabric routing, resulting in an uninitialized RMP and compromised confidentiality. The research assigns CVE-2025-54510, discusses affected Zen 3–Zen 5 platforms, and notes AMD's response and mitigations.