Tech

AMD Zen 2 CPU “Zenbleed” exploit discovered & it could steal your passwords

Sayem Ahmed
AMD hackedAMD/Pexels

AMD’s Zen 2 platform could be at risk due to a new bug, named Zenbleed, which was discovered by a Google security researcher.

A new vulnerability has been discovered for older AMD Zen 2 CPUs, like the popular Ryzen 3000 series. This vulnerability could potentially leave your sensitive data at risk, including passwords, logins, and more. The vulnerability was discovered by Google security researcher Tavis Ormandy, who named it “Zenbleed”.

Zenbleed was reported to AMD before Ormandy published a paper in his blog about how the exploit works. The exploit works on all processors which use a Zen 2 core, including certain data center products. The exploit can extract data via any software process running on the CPU itself, including virtual machines.

It’s also believed that the Zenbleed exploit can slow down the performance of Zen 2 CPUs, too.

AMD is already working on a fix, but it’ll take some time

Luckily, AMD is already aware of the issue, and is planning on patching up the AESGA firmware for all affected CPUs. But, you might be waiting until the end of the year.

Cloudflare also explains that the exploit does not require access to a PC to use the Zenbleed exploit, which can be accessed via Javascript. Despite only transferring data at 30kb/s, it is still enough to steam data from any software running on the system.

Even worse, Zenbleed can run completely undetected by your system, since it doesn’t require any special access to use. This means that the vulnerability could leave you at risk. It’s disappointing to see AMD seemingly being so lax with the ETA for a fix, though Ormandy notes that a software fix is possible through software tuning, and would be difficult to implement for many users.

The developer first noticed the exploit in May, and after AMD has seemingly not resolved the issue quickly enough, has gone public with his findings.

AMD currently plans to showcase new graphics cards at Gamescom 2023, such as the RX 7800. But, Zenbleed might cast a looming shadow upon them.

Related Topics

amd

About The Author

Sayem Ahmed

Dexerto's Hardware Editor. Sayem is an expert in all things Nvidia, AMD, Intel, and PC components. He has 10 years of experience, having written for the likes of Eurogamer, IGN, Trusted Reviews, Kotaku, and many more. Get in touch via email at sayem.ahmed@dexerto.com.

keep reading
Tech
AMD Ryzen Strix Point APUs spotted in new Asus gaming laptops
Rebecca Hills-Duty
Close-up of the AMD Radeon logo on a PCB.
Tech
AMD’s next-gen RDNA 4 GPUs poised for big ray tracing upgrade
Rebecca Hills-Duty
RDNA 3 Lisa Su
Tech
AMD confirms Zen 5 CPUs are coming in 2024 but it’s not all good news
Rebecca Hills-Duty
Tech
Every Asus AM5 motherboard to get Zen 5 support & it’s perfect for upgrades
Rebecca Hills-Duty

Subscribe to our newsletter for the latest updates on Esports, Gaming and more.