Black Hat Europe 2025 | Low-Cost Memory Interposer Attacks On Confidential Computing

As cloud computing adoption grows, so do concerns about trust and data privacy. Confidential computing, powered by innovative hardware technologies like Intel SGX and AMD SEV, promises strong isolation and transparent memory encryption to protect against privileged attackers and physical threats such as bus snooping and cold boot attacks. In this talk we present a custom, low-cost (50 dollar) DDR4 interposer that dynamically manipulates memory address lines to create adversarial aliases, tricking the processor into granting unauthorized access to encrypted memory. Crucially, our interposer operates at runtime, allowing it to bypass recent boot-time firmware mitigations deployed by Intel and AMD in response to our earlier software-based “BadRAM” memory aliasing attacks.

Using our novel interposer, we undermine trust in both the Intel SGX and AMD SEV ecosystems. We demonstrate the first successful attack on Intel’s Scalable SGX single-key memory domain, enabling arbitrary plaintext read/write access and extraction of SGX’s platform provisioning key used for remote attestation. Additionally, we achieve full attestation bypasses on up-to-date AMD SEV-SNP systems despite the latest firmware defenses, allowing us to forge attestation reports and implant persistent backdoors in SEV-protected virtual machines.

In the broader context, our results challenge fundamental assumptions about encrypted memory security guarantees and expose critical flaws in the performance-security trade-offs of today’s confidential cloud computing systems.

By:
Jesse De Meulemeester | PhD researcher, COSIC, KU Leuven
Jo Van Bulck | Prof., DistriNet, KU Leuven
David Oswald | Prof., Durham University

https://blackhat.com/eu-25/briefings/schedule/?#fifty-dollars-to-root-the-cloud-low-cost-memory-interposer-attacks-on-confidential-computing-48941Black HatRead More