All Your Secrets Belong to Us: Leveraging Firmware Bugs to Break TEEs
Tom Dorman
Black Hat USA 2024 · Day 1 · Briefing
In "All Your Secrets Belong to Us: Leveraging Firmware Bugs to Break TEEs," Tom Dorman examines security vulnerabilities in **Trusted Execution Environments (TEEs)**, specifically AMD's **Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP)**. The talk shows how firmware bugs in the highly privileged **Platform Security Processor (PSP)**, the component that handles SEV-SNP guest launch, memory-encryption key management and attestation, can undermine the security guarantees the TEE is supposed to provide and leak guest secrets. The presentation is a deep dive into low-level hardware and firmware interactions, and its central point is that CPU-enforced isolation is only as strong as the firmware that configures and manages it: the PSP sits inside the trust boundary of every SEV-SNP guest, so a compromised PSP cannot be compensated for by hypervisor hardening or guest-side care.
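Because the PSP firmware is part of every SEV-SNP guest's trusted computing base, the practical defence against the class of bug discussed in the talk is for the relying party to refuse attestation reports whose TCB fields show firmware below a known-good version. The following is an added example, not code from the talk or from AMD: it parses the TCB_VERSION fields of an SEV-SNP ATTESTATION_REPORT (field offsets and the byte layout of TCB_VERSION follow the public AMD SEV-SNP ABI specification) and checks them component-wise against a minimum. The minimum values, the sample report bytes and the `build_sample_report` helper are constructed for illustration and do not correspond to any real fixed firmware version; VCEK signature verification of the report is assumed to happen elsewhere.

```python
"""Parse the TCB_VERSION fields of an SEV-SNP ATTESTATION_REPORT and check them
against a minimum acceptable TCB. Added example: offsets follow the AMD SEV-SNP
ABI specification (ATTESTATION_REPORT layout). The minimum TCB and the sample
report built below are constructed for illustration, not real firmware
versions. Verifying the report signature (VCEK chain) is out of scope here."""
import struct
from dataclasses import dataclass

REPORT_SIZE = 0x4A0          # ATTESTATION_REPORT is 1184 bytes
OFF_VERSION = 0x000          # u32 report format version
OFF_CURRENT_TCB = 0x038      # TCB_VERSION currently running on the PSP
OFF_REPORTED_TCB = 0x180     # TCB_VERSION the report's VCEK is associated with
OFF_COMMITTED_TCB = 0x1E0    # lowest TCB the platform may roll back to

TCB_FIELDS = {
    "current": OFF_CURRENT_TCB,
    "reported": OFF_REPORTED_TCB,
    "committed": OFF_COMMITTED_TCB,
}


@dataclass(frozen=True)
class TcbVersion:
    """TCB_VERSION (little-endian u64): byte 0 BOOT_LOADER, byte 1 TEE,
    bytes 2..5 reserved, byte 6 SNP firmware, byte 7 MICROCODE."""
    boot_loader: int
    tee: int
    snp: int
    microcode: int

    @classmethod
    def from_u64(cls, raw: int) -> "TcbVersion":
        return cls(raw & 0xFF, (raw >> 8) & 0xFF, (raw >> 48) & 0xFF, (raw >> 56) & 0xFF)

    def to_u64(self) -> int:
        return self.boot_loader | (self.tee << 8) | (self.snp << 48) | (self.microcode << 56)

    def meets(self, minimum: "TcbVersion") -> bool:
        # Component-wise comparison: every SVN must be at least the minimum.
        # Comparing the raw u64 is wrong, because a newer microcode byte (the
        # top byte) would outrank an old, vulnerable SNP firmware byte.
        return (self.boot_loader >= minimum.boot_loader and self.tee >= minimum.tee
                and self.snp >= minimum.snp and self.microcode >= minimum.microcode)


def parse_tcbs(report: bytes) -> dict:
    """Return the current/reported/committed TcbVersion values of a raw report."""
    if len(report) != REPORT_SIZE:
        raise ValueError(f"unexpected report length {len(report)}")
    (version,) = struct.unpack_from("<I", report, OFF_VERSION)
    if version not in (2, 3):   # report formats this example understands
        raise ValueError(f"unsupported report version {version}")
    return {name: TcbVersion.from_u64(struct.unpack_from("<Q", report, off)[0])
            for name, off in TCB_FIELDS.items()}


def check_report(report: bytes, minimum: TcbVersion) -> list:
    """Names of TCB fields below the minimum; an empty list means acceptable."""
    return [name for name, tcb in parse_tcbs(report).items() if not tcb.meets(minimum)]


def build_sample_report(current: TcbVersion, reported: TcbVersion,
                        committed: TcbVersion) -> bytes:
    """Constructed, unsigned report with only VERSION and the TCB fields set."""
    buf = bytearray(REPORT_SIZE)
    struct.pack_into("<I", buf, OFF_VERSION, 2)
    values = {"current": current, "reported": reported, "committed": committed}
    for name, off in TCB_FIELDS.items():
        struct.pack_into("<Q", buf, off, values[name].to_u64())
    return bytes(buf)


# Hypothetical minimum chosen for illustration, not a real patched version.
MIN_TCB = TcbVersion(boot_loader=3, tee=0, snp=8, microcode=0x73)

if __name__ == "__main__":
    good = TcbVersion(3, 0, 8, 0x73)
    stale = TcbVersion(3, 0, 6, 0x74)   # newer microcode, older SNP firmware
    print(check_report(build_sample_report(good, good, good), MIN_TCB))   # []
    print(check_report(build_sample_report(stale, good, good), MIN_TCB))  # ['current']
```

The minimum you enforce in production comes from the vendor's advisory for the specific firmware fix, and the report must be signed by a VCEK whose certificate matches REPORTED_TCB before any of these fields are trusted; checking the fields of an unverified report proves nothing, since the hypervisor hands the guest the report bytes.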