TL;DR
A new software-based attack called Fabricked exploits misconfigurations in AMD’s Infinity Fabric to bypass SEV-SNP protections. The attack can be carried out by a malicious hypervisor with UEFI privileges, potentially compromising confidential virtual machines in cloud settings.
Researchers have disclosed Fabricked, a novel software attack that manipulates the Infinity Fabric to bypass AMD SEV-SNP security protections, potentially allowing malicious hypervisors to access encrypted virtual machine memory in cloud environments.
Fabricked exploits a vulnerability in the configuration process of AMD’s Infinity Fabric, a high-speed interconnect used in modern AMD processors. By modifying untrusted UEFI firmware, an attacker can re-route memory transactions, specifically targeting the secure co-processor (PSP) during SEV-SNP initialization. This manipulation prevents the correct setup of the RMP (Revocation and Memory Protection) data structure, which enforces memory access controls within confidential virtual machines (CVMs). As a result, the attacker can perform arbitrary read and write operations on CVM memory, effectively bypassing SEV-SNP protections.
The vulnerability was confirmed on AMD Zen 5 EPYC processors, with indications that similar issues may affect Zen 3 and Zen 4 models, as firmware updates address related CVE-2025-54510 mitigations. The attack requires a malicious hypervisor with UEFI privileges and does not depend on code inside the CVM itself, making it a fully deterministic, software-only exploit with a 100% success rate.
Why It Matters
This vulnerability poses a significant threat to confidential computing in cloud environments. By bypassing SEV-SNP protections, attackers could access sensitive data stored within encrypted virtual machines, undermining data privacy guarantees that many cloud providers rely on. Given the widespread adoption of AMD’s EPYC processors in enterprise data centers, the potential impact is substantial, especially for organizations handling highly sensitive workloads.
![AMD EPYC 9004 [4th Gen] 9124 Hexadeca-core [16 Core] 3 GHz Processor](https://m.media-amazon.com/images/I/316ISTIk-UL._SL500_.jpg)
AMD EPYC 9004 [4th Gen] 9124 Hexadeca-core [16 Core] 3 GHz Processor
W128281620
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Background
AMD SEV-SNP is a hardware extension designed to isolate virtual machine memory from the hypervisor and other tenants, forming a core part of confidential computing solutions. The attack, Fabricked, was disclosed at the USENIX Security 2026 conference, following research that identified vulnerabilities in the configuration of the Infinity Fabric—a critical component responsible for data routing across AMD’s chiplets. The flaw stems from the untrusted UEFI firmware’s ability to modify Infinity Fabric settings, which in turn affects the secure co-processor’s ability to enforce memory protections during VM initialization. AMD has issued firmware updates to address the vulnerability, but the details of the exploit highlight systemic issues in the trusted execution environment architecture.
“Fabricked demonstrates that misconfiguring the Infinity Fabric can effectively disable SEV-SNP protections, allowing unauthorized memory access.”
— Research team at USENIX Security 2026
“We are actively working with partners to deploy firmware updates and mitigate the vulnerability identified in our processors.”
— AMD spokesperson
Security Awareness: Applying Practical Security in Your World
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
What Remains Unclear
It remains unclear whether all AMD processors are equally vulnerable, especially older models or those with different firmware configurations. The full scope of affected hardware beyond Zen 5 EPYC remains under investigation, and the long-term effectiveness of firmware updates is yet to be confirmed.
TPM 2.0 Security Module 20-Pin LPC (2×10) for Gigabyte & ASUS Motherboards, Infineon SLB9665 Chip, GA 20-1 Pin, 2.54mm Pitch LPC Header, Windows 11 Ready, Compatible with GC-TPM2.0
【Wide Compatibility – Gigabyte & ASUS】 Specifically designed for Gigabyte and ASUS desktop motherboards with a 20-1 pin…
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
What’s Next
AMD is expected to release firmware patches for affected processors, including Zen 3 and Zen 4 models. Researchers will continue testing to verify the effectiveness of these updates. Additionally, industry analysts anticipate increased scrutiny of hardware security in confidential computing platforms, with potential development of new mitigations against similar memory routing attacks.
Security Patch, 2 Pcs Reflective Security Hook and Loop Patch for Vest Printed Letters Embroidery Patches for Officer Guard Custom Uniforms Vest, Jacket, Carrier, Bag, Hat (Black, 1 Small and 1 Large)
【Package Content】The package contains two security patches for vest, one small (5.5 x 2.5 inches) and one large…
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Key Questions
What exactly is the Fabricked attack?
Fabricked is a software-based attack that manipulates the Infinity Fabric’s memory routing to disable AMD SEV-SNP protections, allowing unauthorized access to encrypted VM memory.
Can this attack be performed remotely?
No. The attacker must have UEFI and hypervisor privileges on the targeted system, meaning physical access or existing control over the hypervisor is required.
Does this affect all AMD processors?
The vulnerability has been confirmed on AMD Zen 5 EPYC processors, with indications it may impact Zen 3 and Zen 4 models as well. Firmware updates are being issued to mitigate the risk.
What should affected organizations do?
They should apply available firmware updates from AMD as soon as they are released and review their security configurations to prevent unauthorized UEFI modifications.
