- Joined
- Aug 20, 2006
- Messages
- 13,000
There is a security flaw affecting AMD's Platform Security Processor (PSP), which is an integrated coprocessor comparable to Intel’s Management Engine. Luckily, AMD has already addressed the issue, and a patch is scheduled for release later this month.
Unlike some CPUs, the PSP doesn't implement common exploit mitigation techniques such as stack cookies, No-eXecute (NX) flags, or address space layout randomization (ASLR), making exploitation trivial. Cohen's post described the vulnerability as remote code execution flaw. However, physical access is a prerequisite.
Unlike some CPUs, the PSP doesn't implement common exploit mitigation techniques such as stack cookies, No-eXecute (NX) flags, or address space layout randomization (ASLR), making exploitation trivial. Cohen's post described the vulnerability as remote code execution flaw. However, physical access is a prerequisite.