Wiz Says 62% of AWS Environments Exposed to Zenbleed Exploitation – Source: www.securityweek.com

Researchers at cloud security startup Wiz are reporting that a whopping 62 percent of AWS environments may be exposed to the newly documented Zenbleed information leak vulnerability in AMD Zen 2 processors.

In a research note posted Wednesday, Wiz calculated that more than 60 percent of AWS environments are running EC2 instances with Zen 2 CPUs and may therefore be affected by the use-after-free memory corruption bug.

Zenbleed, discovered and documented by Project Zero’s Tavis Ormandy, impacts all Zen 2 processors, including Ryzen 3000 (PRO and Threadripper), 4000 (PRO), 5000, 7020, and Epyc (Rome). The issue can be exploited by malicious hackers to steal sensitive data, such as passwords and encryption keys.  It is tracked as CVE-2023-20593.

As previously reported, AMD has started releasing microcode updates and the vendor has also advised customers to apply AGESA firmware updates. For some products, the updates are expected to become available in the last quarter of 2023. 

Wiz researchers are amplifying the warnings, noting that the flaw can be exploited by an attacker with unprivileged access to an affected machine to escalate privileges or gain access to data.

The company said it combed through its data and found that a vast majority of cloud environments are running the vulnerable Epyc server (“Rome”), which is a CPU designed for data centers. 

Wiz is also noting that patches are available from Google Cloud Platform (GCP) while fixes from AWS are expected to be released once testing is complete.

Related: AMD CPU Flaw ‘Zenbleed’ Can Expose Sensitive Information

Related: Intel, AMD Address Multiple Bugs With Patch Tuesday Bulletins

Related: Chipmaker Patch Tuesday: Intel, AMD Address Over 100 Vulns

Related: AMD Processors Expose Sensitive Data in ‘SQUIP’ Attack