
AMD plugs security leaks in crypto coprocessor and TPM | heise online

Published 10 hours ago

AMD released updated firmware in June that closes some high-risk security gaps in the processors. The crypto coprocessors and the firmware TPM of modern Ryzen and, in some cases, the slimmed-down Athlon CPUs are affected.

In a security bulletin, AMD writes that an IT security researcher has reported a vulnerability that allows attackers who already hold elevated privileges to access the registers of the crypto coprocessor. The coprocessor is part of the AMD Secure Processor (ASP), a controller integrated into all newer systems-on-chip (SoCs) that provides a Trusted Execution Environment (TEE) and a hardware-anchored Root of Trust, and that secures the system boot, among other things.

According to the description, inadequate access control of the ASP allows attackers to gain unauthorized access to the registers of the ASP's crypto coprocessor. This can lead to a loss of control over pointers and indices of cryptographic keys, resulting in a “loss of integrity and confidentiality” (CVE-2023-20599 / EUVD-2023-24778, CVSS , risk ).

Remarkably, AMD has been working on closing the vulnerability for two years; it was first reported in 2023. AMD provides OEMs with updated firmware, and the list of affected processors in the security bulletin remains manageable.

AMD also provides a firmware-based Trusted Platform Module (fTPM) in many processors. It also uses the ASP and is based on the TPM 2.0 reference implementation of the Trusted Computing Group. In this reference implementation, a vulnerability allows reading beyond the end of designated memory areas, AMD explains in a security note. Apps in user mode can send maliciously crafted commands to the fTPM and thus read data stored in it or “affect the availability of the TPM”, i.e., cause it to crash (CVE-2025-2884 / EUVD-2025-17717, CVSS , risk ). “AMD has investigated the Trusted Computing Group report and believes that AMD's firmware TPM is impacted by the vulnerability,” the engineers continue.
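The out-of-bounds read described above belongs to a familiar class: a command parser trusting a length field supplied by the caller. The following C code is an added illustration, not AMD's firmware or the TCG reference implementation, and it does not reproduce the actual CVE-2025-2884 defect. It unmarshals a TPM 2.0 command header (tag, commandSize, commandCode, all big-endian) followed by one TPM2B sized buffer, and shows the two checks a defensive parser needs: the declared commandSize must equal the number of bytes actually received, and a TPM2B's size must fit both the destination buffer and the bytes remaining in the command. The command code 0x20000001 and all command bytes are constructed for the example.

```c
/* Added example, not AMD's or the TCG reference code: a bounds-checked
 * unmarshaller for a TPM 2.0 command header plus one TPM2B parameter.
 * Structure layout follows the TPM 2.0 Library spec; the sample command
 * bytes and the command code 0x20000001 are constructed for illustration. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define TPM_HEADER_SIZE 10u  /* tag(2) + commandSize(4) + commandCode(4) */
#define TPM2B_MAX       64u  /* capacity of the example TPM2B destination */

typedef struct { uint16_t tag; uint32_t command_size; uint32_t command_code; } tpm_header;
typedef struct { uint16_t size; uint8_t buffer[TPM2B_MAX]; } tpm2b;

/* Big-endian readers that confirm the bytes exist before touching them. */
static int read_u16(const uint8_t *buf, size_t len, size_t *off, uint16_t *out)
{
    if (len - *off < 2) return -1;
    *out = (uint16_t)(((unsigned)buf[*off] << 8) | buf[*off + 1]);
    *off += 2;
    return 0;
}

static int read_u32(const uint8_t *buf, size_t len, size_t *off, uint32_t *out)
{
    if (len - *off < 4) return -1;
    *out = ((uint32_t)buf[*off] << 24) | ((uint32_t)buf[*off + 1] << 16) |
           ((uint32_t)buf[*off + 2] << 8) | (uint32_t)buf[*off + 3];
    *off += 4;
    return 0;
}

/* Check 1: the declared commandSize must equal the bytes actually received,
 * otherwise later parsers would trust a length the caller never supplied. */
int parse_header(const uint8_t *buf, size_t len, tpm_header *hdr, size_t *off)
{
    *off = 0;
    if (read_u16(buf, len, off, &hdr->tag) ||
        read_u32(buf, len, off, &hdr->command_size) ||
        read_u32(buf, len, off, &hdr->command_code))
        return -1;
    if (hdr->command_size != len) return -1;
    return 0;
}

/* Check 2: a TPM2B size must fit the destination AND the remaining command
 * bytes. Dropping the second comparison is exactly the pattern that lets a
 * crafted command make the TPM read past the end of its input buffer. */
int unmarshal_tpm2b(const uint8_t *buf, size_t len, size_t *off, tpm2b *out)
{
    uint16_t size;
    if (read_u16(buf, len, off, &size)) return -1;
    if (size > TPM2B_MAX || size > len - *off) return -1;
    out->size = size;
    memcpy(out->buffer, buf + *off, size);
    *off += size;
    return 0;
}

/* Header plus one TPM2B parameter; trailing bytes also count as malformed. */
int parse_command_with_tpm2b(const uint8_t *buf, size_t len, tpm_header *hdr, tpm2b *param)
{
    size_t off;
    if (parse_header(buf, len, hdr, &off)) return -1;
    if (unmarshal_tpm2b(buf, len, &off, param)) return -1;
    return (off == len) ? 0 : -1;
}

/* Constructed sample: TPM_ST_NO_SESSIONS, commandSize 14, code 0x20000001,
 * TPM2B of 2 bytes. Returns the parsed TPM2B size (2) on success. */
int check_wellformed(void)
{
    static const uint8_t cmd[] = {0x80,0x01, 0x00,0x00,0x00,0x0E, 0x20,0x00,0x00,0x01,
                                  0x00,0x02, 0xAA,0xBB};
    tpm_header hdr; tpm2b p;
    return parse_command_with_tpm2b(cmd, sizeof cmd, &hdr, &p) == 0 ? (int)p.size : -1;
}

/* Constructed sample: TPM2B claims 64 bytes but only 2 follow. 64 fits the
 * destination, so only the remaining-bytes check rejects it. */
int check_oversized_tpm2b(void)
{
    static const uint8_t cmd[] = {0x80,0x01, 0x00,0x00,0x00,0x0E, 0x20,0x00,0x00,0x01,
                                  0x00,0x40, 0xAA,0xBB};
    tpm_header hdr; tpm2b p;
    return parse_command_with_tpm2b(cmd, sizeof cmd, &hdr, &p);
}

/* Constructed sample: header declares commandSize 256 for a 14-byte command. */
int check_header_mismatch(void)
{
    static const uint8_t cmd[] = {0x80,0x01, 0x00,0x00,0x01,0x00, 0x20,0x00,0x00,0x01,
                                  0x00,0x02, 0xAA,0xBB};
    tpm_header hdr; tpm2b p;
    return parse_command_with_tpm2b(cmd, sizeof cmd, &hdr, &p);
}

int main(void)
{
    printf("well-formed: %d, oversized TPM2B: %d, header mismatch: %d\n",
           check_wellformed(), check_oversized_tpm2b(), check_header_mismatch());
    return 0;
}
```

Every length comparison is made against the caller-supplied buffer length, never against the header's own commandSize, so a command that lies about its size cannot steer the parser past the bytes it was actually handed.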

Numerous AMD Ryzen desktop and mobile processors, AI 300 CPUs, Ryzen Embedded and Threadripper CPUs are impacted by the vulnerability, according to the security note. AMD provides updated firmware for OEMs, who must use it to create new BIOS versions for their hardware and distribute them to end users. Asus, for example, did this last weekend with a BIOS update for the ROG Crosshair X870E Apex motherboard. The updated AMD Generic Encapsulated Software Architecture (AGESA) program library contains the corrected firmware component ComboAM5 PI 1.2.0.3e, which plugs the gap in the fTPM of the AMD Secure Processor and the Pluton TPM of the Ryzen 9000 desktop CPUs. For the MSI motherboard MEG X870E Godlike, there was also a newer BIOS with error correction for a short time, but the manufacturer has since withdrawn it – MSI has not given any reasons for this. For other CPUs, there have been firmware blobs for OEMs since September 2024, some of which close the security gap that has only now become known.

Security vulnerabilities in the context of AMD's AI coprocessors became known in April. However, they affected the drivers for these and not, as in this case, the underlying firmware of the CPUs.

(dmk)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.
