Volerion logoVolerion
Volerion logoVolerion

AMD EPYC Processors SEV Access Control Vulnerability During SNP Initialization

Vulnerability

A vulnerability exists in AMD EPYC processors that support Secure Encrypted Virtualization (SEV), specifically during the initialization of Secure Nested Paging (SNP). Improper access control could allow a privileged attacker to write to the reverse map page (RMP), potentially compromising the confidentiality and integrity of guest memory. This issue affects several different versions and ranges of AMD EPYC processors, both server and embedded series.

Impact

Exploitation of this vulnerability could lead to unauthorized modifications of the reverse map page, causing a loss of confidentiality and integrity in guest memory during SEV-SNP operations.

Remediation

Users are advised to update to the latest Platform Initialization (PI) or Secure Encrypted Virtualization (SEV) firmware version. Specific update details can be found in the AMD EPYC Processor Vulnerabilities bulletin.

Added: Feb 10, 2026, 9:01 PM
Updated: Feb 11, 2026, 2:48 AM

Vulnerability Rating

Custom Algorithm
spread
6.6
impact
1.7
exploitability
2.4
remediation
8.3
relevance
3.0
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.