Introduction: A concerning discovery has been made regarding certain AMD CPUs, which could potentially lead to data theft. Security researcher Tavis Ormandy from Google recently unveiled a vulnerability in AMD processors based on the Zen 2 architecture, affecting CPUs like Ryzen 3000, Threadripper 3000, and Epyc Generation 2, among others. This vulnerability, known as Zenbleed (CVE-2023-20593), allows attackers to gain unauthorized access to sensitive data, including passwords and encryption keys. Let’s explore how this threat works and what steps you can take to protect your valuable data.
What models could be affected?
The models of Synology NAS devices that could potentially be affected by the Zenbleed vulnerability (CVE-2023-20593) are those equipped with AMD CPUs based on the Zen 2 architecture. As per the information provided in the question, the following Synology NAS models could fall under this category:
- DS723+ – 2-bay NAS with AMD Ryzen R1600 CPU.
- DS923+ – 4-bay NAS with AMD Ryzen R1600 CPU.
- DS1522+ – 5-bay NAS with AMD Ryzen R1600 CPU.
- DS1823xs+ – 8-bay NAS with AMD Ryzen V1780B CPU.
- DS2422+ – 12-bay NAS with AMD Ryzen V1500B CPU.
- DS1821+ – 8-bay NAS with AMD Ryzen V1500B CPU.
- DS1621+ – 6-bay NAS with AMD Ryzen V1500B CPU.
Understanding Zenbleed: The vulnerability in AMD’s Zen 2 CPUs is caused by improper handling of an instruction called “vzeroupper” during speculative execution – a technique used to boost processor performance. Through Zenbleed, attackers can exploit this weakness and harvest sensitive information from a targeted system, such as passwords and keys, leaving your data exposed.
Stealthy Attack: Zenbleed poses a significant risk, as it can be carried out regardless of the operating system used. Even virtual machines and isolated containers are not safe from this attack. The most alarming aspect is that exploiting Zenbleed doesn’t require higher privileges or special system calls, making it hard to detect. Users may not even realize that their sensitive data is being compromised.
Data Leakage Rate: During the attack, Ormandy found that the exploit could capture 30 KB of data per second from each CPU core. Although this might not sound like much, it is sufficient for attackers to monitor encryption keys and passwords during user logins, potentially leading to more significant security breaches.
AMD’s Response: Tavis Ormandy responsibly reported the vulnerability to AMD on May 15, 2023. To address the issue, AMD has released a microcode update that aims to close the security gap. It’s essential to keep your CPU up-to-date with the latest microcode to prevent Zenbleed attacks. However, the availability of BIOS updates from mainboard manufacturers that include the fix is yet to be confirmed.
Mitigation and Impact: While waiting for the microcode update, Ormandy suggests a workaround that involves setting the “DE_CFG[9] chicken bit.” However, be aware that this may lead to a drop in CPU performance. The practical impact on regular users is relatively low, as executing Zenbleed requires local access to the target system and specialized knowledge.
Protection Measures: As a NAS user, it’s crucial to stay vigilant and take proactive measures to safeguard your data. Ensure your NAS firmware is updated regularly to protect against potential vulnerabilities. Keep an eye on official security advisories from Synology to be informed about any relevant updates. By staying proactive and following best practices, you can enhance the security of your NAS and mitigate potential risks.
Conclusion: Understanding the Zenbleed vulnerability is essential to protect your data and ensure the security of your NAS. While the risk to regular users might be relatively low, the impact on data security is significant. To stay safe, make sure you apply the microcode update once available or follow the suggested workaround. Remember, a proactive approach is the key to ensuring the continued security of your NAS device and protecting your valuable data.
When finding out about the Zenbleed vulnerability affecting Synology NAS devices with AMD CPUs based on the Zen 2 architecture, NAS users might have several questions and concerns:
- Is my specific Synology NAS model affected by the Zenbleed vulnerability?
- How can I check if my NAS has the Zen 2 architecture and is at risk?
- What kind of sensitive data could be at risk if my NAS is vulnerable?
- Are there any specific signs or symptoms of exploitation that I should watch out for?
- Has Synology released a patch or firmware update to address the vulnerability?
- How do I apply the microcode update on my Synology NAS to protect against Zenbleed?
- If there is no patch available yet, what can I do to mitigate the risk until a fix is provided?
- Will applying the workaround suggested by the researcher affect the performance of my NAS?
- Are there any precautions or best practices I should follow to enhance the security of my NAS during this time?
- How can I stay informed about any further developments or updates regarding this vulnerability?
Use the comments section for discussion!
| Where to Buy a Product | |||
 |
    
|
  
|
VISIT RETAILER ➤ |
 |
|
|
VISIT RETAILER ➤ |
 |
|
|
VISIT RETAILER ➤ |
 |
|
|
VISIT RETAILER ➤ |
We use affiliate links on the blog allowing NAScompares information and advice service to be free of charge to you. Anything you purchase on the day you click on our links will generate a small commission which is used to run the website. Here is a link for Amazon and B&H. You can also get me a ☕ Ko-fi or old school Paypal. Thanks! To find out more about how to support this advice service check HERE If you need to fix or configure a NAS, check Fiver Have you thought about helping others with your knowledge? Find Instructions Here
The RS1221+ also uses a AMD Ryzen V1500B CPU but doesn’t appear in your list. Is this also affected?
Yes