2025-06-10
TPM Reference Implementation, Jun 10, 2025
Description: The Trusted Computing Group (TCG) Vulnerability Response Team (VRT) has reported a potential out of bounds (OOB) read vulnerability in the Trusted Platform Module (TPM) 2.0 reference implementation code. This vulnerability can be triggered from user-mode applications by sending malicious commands to a TPM 2.0 whose firmware is based on an affected TCG reference implementation. If successfully exploited, the vulnerability could allow an attacker to read data stored in the TPM or potentially impact TPM availability.
AMD has analyzed the TCG’s report and believes the AMD Firmware TPM (fTPM) is impacted by this vulnerability.
AMD-SB-4011
2025-06-10
AMD SEV Confidential Computing Vulnerability, Jun 10, 2025
Description: Researchers from Google® have provided AMD with information on a potential vulnerability that, if successfully exploited, could lead to the loss of SEV-based protection of a confidential guest.
AMD has made available a mitigation for this issue which requires updating microcode on all impacted platforms to help prevent an attacker from loading malicious microcode. Additionally, an SEV firmware update is required for some platforms to support SEV-SNP attestation. Updating the system BIOS image and rebooting the platform will enable attestation of the mitigation. A confidential guest can verify the mitigation has been enabled on the target platform through the SEV-SNP attestation report.
AMD-SB-3019
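One way a confidential guest can perform the check described above, as an added example (not AMD's code or any bulletin's own tooling): it pulls the TCB_VERSION fields out of an SEV-SNP ATTESTATION_REPORT using the field offsets and bit layout from the SEV-SNP firmware ABI and compares them with a minimum-TCB policy. The policy values (MINIMUM_TCB), the build_sample_report helper and the report it produces are constructed placeholders; the real minimum firmware and microcode levels for a platform come from the bulletin's affected-platform table. The report's ECDSA signature must be verified against the VCEK certificate for its CHIP_ID and REPORTED_TCB before any field is trusted, a step this example omits because it needs the AMD Key Distribution Service.

```python
"""Added example (not AMD's code): parse the TCB_VERSION fields of an SEV-SNP
ATTESTATION_REPORT and check them against a minimum-TCB policy.
Offsets and the TCB_VERSION bit layout follow the SEV-SNP firmware ABI;
MINIMUM_TCB and the sample report are constructed placeholders."""
import struct
from dataclasses import dataclass

REPORT_SIZE = 0x4A0        # ATTESTATION_REPORT is 1184 bytes
OFF_VERSION = 0x000        # u32 report format version
OFF_CURRENT_TCB = 0x038    # TCB_VERSION of the firmware/microcode running now
OFF_REPORTED_TCB = 0x180   # TCB_VERSION the host chose to report; the VCEK is derived from it
OFF_COMMITTED_TCB = 0x1E0  # lowest TCB_VERSION the platform may roll back to
OFF_LAUNCH_TCB = 0x1F0     # TCB_VERSION at guest launch


@dataclass(frozen=True)
class TcbVersion:
    """TCB_VERSION: bits 7:0 BOOT_LOADER, 15:8 TEE, 55:48 SNP, 63:56 MICROCODE."""
    boot_loader: int
    tee: int
    snp: int
    microcode: int

    @classmethod
    def from_u64(cls, v: int) -> "TcbVersion":
        return cls(v & 0xFF, (v >> 8) & 0xFF, (v >> 48) & 0xFF, (v >> 56) & 0xFF)

    def to_u64(self) -> int:
        return (self.boot_loader | (self.tee << 8)
                | (self.snp << 48) | (self.microcode << 56))

    def at_least(self, minimum: "TcbVersion") -> bool:
        # Every component must meet its own floor: a newer SNP firmware does
        # not compensate for microcode that predates the mitigation.
        return (self.boot_loader >= minimum.boot_loader
                and self.tee >= minimum.tee
                and self.snp >= minimum.snp
                and self.microcode >= minimum.microcode)


def parse_tcbs(report: bytes) -> dict:
    """Extract the four TCB_VERSION fields (and the format version) from a raw report."""
    if len(report) != REPORT_SIZE:
        raise ValueError(f"unexpected report length {len(report)}")

    def u64(off: int) -> int:
        return struct.unpack_from("<Q", report, off)[0]

    return {
        "version": struct.unpack_from("<I", report, OFF_VERSION)[0],
        "current": TcbVersion.from_u64(u64(OFF_CURRENT_TCB)),
        "reported": TcbVersion.from_u64(u64(OFF_REPORTED_TCB)),
        "committed": TcbVersion.from_u64(u64(OFF_COMMITTED_TCB)),
        "launch": TcbVersion.from_u64(u64(OFF_LAUNCH_TCB)),
    }


def mitigation_attested(report: bytes, minimum: TcbVersion) -> bool:
    """True only if both CURRENT_TCB (what is actually running) and REPORTED_TCB
    (the TCB the signing VCEK was derived for) reach `minimum`. Requiring both
    refuses a report signed under a key derived for an older, unpatched TCB.
    Only meaningful after the report signature has been verified (omitted here)."""
    tcbs = parse_tcbs(report)
    return tcbs["current"].at_least(minimum) and tcbs["reported"].at_least(minimum)


def build_sample_report(current: TcbVersion, reported: TcbVersion) -> bytes:
    """Constructed sample for offline use: a zeroed report with only the version
    and TCB fields filled in (no measurement, no CHIP_ID, no signature)."""
    buf = bytearray(REPORT_SIZE)
    struct.pack_into("<I", buf, OFF_VERSION, 2)
    struct.pack_into("<Q", buf, OFF_CURRENT_TCB, current.to_u64())
    struct.pack_into("<Q", buf, OFF_REPORTED_TCB, reported.to_u64())
    struct.pack_into("<Q", buf, OFF_COMMITTED_TCB, reported.to_u64())
    struct.pack_into("<Q", buf, OFF_LAUNCH_TCB, current.to_u64())
    return bytes(buf)


# Placeholder floor; take the real values from the bulletin's platform table.
MINIMUM_TCB = TcbVersion(boot_loader=9, tee=0, snp=21, microcode=210)

if __name__ == "__main__":
    patched = build_sample_report(MINIMUM_TCB, MINIMUM_TCB)
    stale = TcbVersion(boot_loader=9, tee=0, snp=21, microcode=209)
    downgraded_key = build_sample_report(MINIMUM_TCB, stale)
    print("patched platform:", mitigation_attested(patched, MINIMUM_TCB))
    print("reported TCB below floor:", mitigation_attested(downgraded_key, MINIMUM_TCB))
```

On a real guest the raw report comes from the SNP_GET_REPORT ioctl on /dev/sev-guest (or a wrapper such as snpguest), and the same policy comparison should also be applied by the remote relying party that verifies the signature, since the guest itself cannot fetch the VCEK certificate without trusting the host's network path.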
2025-06-03
Versal™ Adaptive SoC – Improper Configuration of the Secure Stream Switch during Post-Boot Cryptographic Operations, Jun 3, 2025
Description: In Versal™ Adaptive SoC devices, the Platform Loader and Manager (PLM) implements runtime (post-boot) software services that allow a remote processor to command the PLM to execute cryptographic operations (AES, SHA3, RSA, ECDSA) on its behalf. These operations require the Secure Stream Switch (SSS) to be configured so that the Direct Memory Access (DMA) hardware can send data to, and read data from, the cryptographic engines.
A potential vulnerability exists in the configuration of the SSS because the PLM does not clear the SSS configuration after a cryptographic operation completes. The stale state can leave the SSS improperly configured when it is set up for the next cryptographic command.
AMD-SB-8011
2025-06-03
Versal™ Adaptive SoC – Overwriting Protected Memory Regions through PLM Firmware, Jun 3, 2025
Description: In Versal™ Adaptive SoC devices, the Platform Loader and Manager (PLM) implements runtime (post-boot) software services that allow a remote processor to command the PLM, on its behalf, to execute cryptographic operations (AES, SHA3, RSA, ECDSA) using the hardened cryptographic accelerators, to read and write eFUSEs and BBRAM, to reload PDIs, and to read back the FPGA.
A potential vulnerability exists in the handling of these runtime service commands: the PLM does not check that the requesting processor is permitted to access the memory passed along with the command.
AMD-SB-8010
2025-06-03
AMD CPU Microcode Signature Verification Vulnerability, Jun 3, 2025
Description: Researchers from Google® have provided AMD with a report titled “AMD Microcode Signature Verification Vulnerability.” This vulnerability may allow an attacker with system administrative privilege to load malicious CPU microcode patches. In the report, the researchers describe how they were able to load patches that were not signed by AMD. The researchers also demonstrate how they falsified signatures for arbitrary microcode patches.
AMD has not received any reports of this attack occurring in any system.
AMD believes this issue is caused by a weakness in the signature verification algorithm that could allow an attacker with administrative privilege to load arbitrary microcode patches. AMD plans to issue mitigations to fix this issue.
AMD-SB-7033
2025-06-03
Cache-based Side-Channel Attack Against SEV, Jun 3, 2025
Description: AMD has received a report from researchers at National Taiwan University detailing cache-based side-channel attacks against Secure Encrypted Virtualization (SEV).
AMD-SB-3010
2025-05-22
IOLeak - CPU Side Channel Attacks, May 22, 2025
Description: Researchers have provided AMD with a summary of the findings of a paper titled "IOLeak Side-Channel Attack Exploiting CPU Frequency Scaling and I/O Latency."
AMD reviewed the summary and believes this attack is similar to previously disclosed side-channel attacks such as "Hertzbleed" and that existing mitigation recommendations for such attacks remain applicable to mitigate the techniques described in the researchers' summary.
AMD-SB-7042
2025-05-13
Privilege Desynchronization: Cross-Privilege Spectre Attacks with Branch Privilege Injection, May 13, 2025
Description: Vulnerabilities were reported in various AMD Manageability Tools.
AMD has provided mitigations for these issues.
AMD-SB-9015
- CVE-2023-31359
- CVE-2023-31358
- CVE-2025-0035
- CVE-2024-36321
2025-05-13
AMD Optimizing CPU Libraries (AOCL) Vulnerabilities, May 13, 2025
Description: Potential vulnerabilities were reported for AMD Optimizing CPU Libraries (AOCL) through the AMD Bug Bounty Program.
AOCL is a set of numerical libraries optimized for AMD processors based on the AMD "Zen" core architecture and generations. Supported processor families are AMD EPYC™, AMD Ryzen™, and AMD Ryzen™ Threadripper™ processors. The tuned implementations of industry-standard math libraries enable rapid development of scientific and high-performance computing applications.
AMD-SB-9014
- CVE-2024-36339
- CVE-2024-21960