New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves
Category: Vulnerabilities / Hardware
Researchers from Georgia Tech, Purdue, and Synkhronix unveiled TEE.Fail, a physical side-channel attack on DDR5-based trusted execution environments (Intel SGX/TDX and AMD SEV-SNP). The attack enables extraction of cryptographic keys and attestation data using a sub-$1000 interposer. The findings reveal weaknesses in deterministic AES-XTS memory encryption and the potential for bypassing confidential VM (CVM) protections.
CORTEX Protocol Intelligence Assessment
Business Impact: Exposes a new hardware-level vulnerability class undermining trusted computing and confidential AI workloads.
Technical Context: Demonstrates deterministic memory encryption weaknesses in DDR5 TEEs allowing real-time key extraction and attestation spoofing.
Strategic Intelligence Guidance
- Conduct firmware and BIOS updates on Intel and AMD servers.
- Restrict physical access to datacenter assets and bus channels.
- Monitor for abnormal attestation or enclave behavior.
- Coordinate vendor advisories for TEE patch rollout.
Intelligence Source: New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves | Oct 29, 2025