AMD has released mitigation and firmware updates to address a high-severity vulnerability that can be exploited to load malicious CPU microcode on unpatched devices.
The security flaw (CVE-2024-56161) is caused by an improper signature verification weakness in AMD’s CPU ROM microcode patch loader.
Attackers with local administrator privileges can exploit this weakness, resulting in the loss of confidentiality and integrity of a confidential guest running under AMD Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP).
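As an added example, not part of the article and not AMD's own tooling, the following Python check is what a host administrator might run after installing the firmware update: it parses `/proc/cpuinfo`, reports the microcode revision loaded on each logical CPU, flags cores within the same family/model/stepping that report different revisions (a sign that an update did not apply to every core), and compares each revision against a minimum the operator supplies from AMD's advisory. The sample `/proc/cpuinfo` text and the minimum revision used in it are constructed placeholders, not real values from the advisory.

```python
import re
from collections import defaultdict
from typing import Dict, List, Set, Tuple

# Constructed sample of /proc/cpuinfo: two logical CPUs with the same
# family/model/stepping, one of which still reports an older microcode
# revision. The numbers are illustrative only, not taken from a real host.
SAMPLE_CPUINFO = """\
processor\t: 0
vendor_id\t: AuthenticAMD
cpu family\t: 25
model\t\t: 1
model name\t: AMD EPYC (constructed sample)
stepping\t: 1
microcode\t: 0xa00f001

processor\t: 1
vendor_id\t: AuthenticAMD
cpu family\t: 25
model\t\t: 1
model name\t: AMD EPYC (constructed sample)
stepping\t: 1
microcode\t: 0xa00f000
"""

FMS = Tuple[int, int, int]  # (cpu family, model, stepping); decimal in cpuinfo


def parse_cpuinfo(text: str) -> List[Dict[str, str]]:
    """Split /proc/cpuinfo into one dict of fields per logical processor."""
    cpus = []
    for block in re.split(r"\n\s*\n", text.strip()):
        fields: Dict[str, str] = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")
            if sep:
                fields[key.strip()] = value.strip()
        if "processor" in fields:
            cpus.append(fields)
    return cpus


def microcode_by_cpu(text: str) -> Dict[int, Tuple[FMS, int]]:
    """Map logical CPU index -> ((family, model, stepping), microcode revision)."""
    out: Dict[int, Tuple[FMS, int]] = {}
    for cpu in parse_cpuinfo(text):
        fms = (int(cpu["cpu family"]), int(cpu["model"]), int(cpu["stepping"]))
        rev = int(cpu["microcode"], 16)  # the kernel prints this field in hex
        out[int(cpu["processor"])] = (fms, rev)
    return out


def mixed_revisions(text: str) -> Dict[FMS, Set[int]]:
    """Return the family/model/stepping groups whose cores report more than one revision."""
    seen: Dict[FMS, Set[int]] = defaultdict(set)
    for fms, rev in microcode_by_cpu(text).values():
        seen[fms].add(rev)
    return {fms: revs for fms, revs in seen.items() if len(revs) > 1}


def check_microcode(text: str, minimum: Dict[FMS, int]) -> List[Tuple[int, int, bool]]:
    """For each CPU return (index, loaded revision, ok).

    `minimum` maps (family, model, stepping) to the lowest acceptable revision,
    taken by the operator from the vendor advisory. A part with no entry is
    reported as not ok, so an unlisted CPU is never silently treated as patched.
    """
    results = []
    for idx, (fms, rev) in sorted(microcode_by_cpu(text).items()):
        ok = fms in minimum and rev >= minimum[fms]
        results.append((idx, rev, ok))
    return results


if __name__ == "__main__":
    # Fill this from the vendor advisory for the parts in your fleet; the
    # value below is a constructed placeholder, not a real fixed revision.
    MINIMUM_REVISION: Dict[FMS, int] = {(25, 1, 1): 0xa00f001}
    try:
        with open("/proc/cpuinfo") as fh:
            cpuinfo = fh.read()
    except OSError:
        cpuinfo = SAMPLE_CPUINFO  # not on Linux: fall back to the constructed sample
    for idx, rev, ok in check_microcode(cpuinfo, MINIMUM_REVISION):
        print(f"cpu{idx}: microcode 0x{rev:x} {'OK' if ok else 'BELOW MINIMUM / UNLISTED'}")
    for fms, revs in mixed_revisions(cpuinfo).items():
        print(f"warning: family/model/stepping {fms} reports mixed revisions "
              + ", ".join(f"0x{r:x}" for r in sorted(revs)))
```

The per-core comparison matters because microcode is loaded per core; a host where only some cores show the new revision has not been fully remediated, and the attestation a confidential guest receives will reflect the platform's actual TCB rather than the version the operator believes was installed.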