Skip to main content
Version: 1.47

Hardware integrity status

Hardware vulnerabilities can affect the security properties of confidential-computing technologies. This document lists recently published vulnerabilities and their effect on Privatemode.

In the current version, Privatemode builds on AMD SEV-SNP, Intel TDX, and the confidential-computing features of the Nvidia H100 and B200.

Edgeless Systems, the company behind Privatemode, works with hardware vendors to ensure the mitigation of any potential hardware vulnerabilities ahead of time.

Mitigation status

VulnerabilityCVEAffected hardwarePotential impact (unmitigated)Privatemode mitigation statusPrivatemode mitigation description
Heracles-AMD SEV-SNPReads from CVM memory for expert attacker with root-level access to hostPatched ✅Combination of (1) firmware patch from AMD and (2) kernel patch from Edgeless Systems
BadRAMCVE-2024-21944AMD SEV-SNPAccess to CVM memory for expert attacker with hardware access and root-level access to hostPatched ✅Firmware patch from AMD
Battering RAM-AMD SEV-SNPAccess to CVM memory for expert attacker with hardware access and root-level access to hostDoesn't apply/mitigated ✅Attack only works for DDR4 RAM. Privatemode only uses 4th Gen AMD EPYC CPUs, which require DDR5. This is verified on the client via remote attestation.
RMPocalypseCVE-2025-0033AMD SEV-SNPAccess to CVM memory for expert attacker with root-level access to hostPatched ✅Firmware patch from AMD
TEE.fail-AMD SEV-SNP, Intel TDXAccess to remote-attestation keys (Intel TDX) or access to CVM memory (AMD SEV-SNP) for expert attacker with specialized hardware and combined physical access and root-level access to hostMitigated ✅Machine ID pinning
Google security review of TDX 1.5CVE-2025-30513, CVE-2025-22885, and othersIntel TDXAccess to CVM memory for expert attacker with root-level access to hostPatched ✅TDX module update
FabrickedCVE-2025-54510AMD SEV-SNPAccess to CVM memory for expert attacker with UEFI and root-level access to hostPatched ✅Firmware patch from AMD
IOMMU Write Buffer VulnerabilityCVE-2023-20585AMD SEV-SNPAccess to CVM memory for expert attacker with root-level access to hostPatched ✅Firmware and kernel patch from AMD
BreakFASTCVE-2025-61971, CVE-2025-61972AMD SEV-SNPExpert attacker with root-level access to host can enable debug mode and forge attestationPatched ✅Firmware patch from AMD
StaleusCVE-2025-54509AMD SEV-SNPExpert attacker with root-level access to host can enable debug modePatched ✅Firmware patch from AMD
note

The presence of patches on the server side is verified on the client via remote attestation. "Patched" means that the underlying vulnerability is closed by a vendor patch. "Mitigated" means that the vulnerability can't be patched directly; Privatemode addresses the practical attack path through a software-based countermeasure.