Thought TEEs were safe? New physical attack defeats Nvidia, Intel, AMD
As technology advances, Trusted Execution Environments (TEEs) have become ubiquitous in blockchain architectures, cloud services, and computing involving artificial intelligence, finance, and defense contractors.
Nvidia's Confidential Compute, AMD's SEV-SNP, and Intel's SGX and TDX are the TEEs from three vendors that are relied on especially heavily. These technologies promise that even if the operating system kernel is completely compromised, confidential data and computations will not be leaked or tampered with. However, a series of new physical attacks that have recently emerged has called the security of TEEs into question.
The latest attack method is called TEE.fail, which easily defeats the latest TEE protections of the three major chip manufacturers. This low-cost, low-complexity attack intercepts and injects packets on the memory bus, and requires the attacker to first break into the operating system kernel.
Once the attack is complete, Confidential Compute, SEV-SNP and TDX can no longer be trusted. Unlike the Battering RAM and Wiretap attacks in September, which targeted only DDR4 memory, TEE.fail is the first memory bus interception attack against DDR5 memory.
All three chip manufacturers exclude physical attacks from their TEE threat models, and their commitments on data and execution protection are often not stated clearly enough, leading many users to misunderstand what is actually protected. Security researcher HD Moore noted that these capabilities continue to be compromised, yet vendors still market them for use on edge servers, and people still believe in the effectiveness of these technologies.
Research shows that server-side TEEs are not effective against physical attacks, which surprised even Intel and AMD. Many TEE users run their infrastructure in the cloud. Service providers such as AWS, Azure or Google have very strong supply chain and physical security measures, which to a certain extent makes TEE.fail attacks more difficult.
However, the root cause of these attacks is the use of deterministic encryption, which produces the same ciphertext every time the same plaintext is encrypted and therefore allows TEE.fail attackers to conduct replay attacks. The researchers note that this issue affects not only SGX but also Intel's more advanced TEE, TDX. Once an attacker obtains the attestation key, they can snoop on data or tamper with code flowing through the enclave while still sending assurances to relying parties that the device is secure.
Currently, Nvidia, Intel and AMD have all expressed concern about this research and acknowledged the risk of physical attacks. Nvidia said that in addition to trust controls, physical controls are also needed to reduce the risk of these types of attacks. Intel emphasized that comprehensively addressing physical attacks on memory requires a balance between confidentiality, integrity, and anti-replay protection.
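Why deterministic encryption permits replay, and why integrity plus freshness closes the gap, shown as an added example that is not code from the researchers or the vendors. It is a toy memory model in which HMAC-SHA256 stands in for the hardware cipher (an assumption); the class names, key and sample values are constructed for illustration.

```python
import hmac, hashlib

KEY = b"constructed-demo-key"   # constructed sample key, not a real secret

def prf(*parts: bytes) -> bytes:
    """HMAC-SHA256 as a stand-in PRF (assumption: not the hardware cipher)."""
    return hmac.new(KEY, b"|".join(parts), hashlib.sha256).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class DeterministicMemory:
    """Ciphertext depends only on (key, address, plaintext)."""
    def __init__(self):
        self.dram = {}                      # untrusted: visible on the bus
    def write(self, addr: int, data: bytes):
        self.dram[addr] = xor(data, prf(b"enc", addr.to_bytes(8, "big")))
    def read(self, addr: int) -> bytes:
        return xor(self.dram[addr], prf(b"enc", addr.to_bytes(8, "big")))

class FreshMemory:
    """Adds a per-address write counter in trusted storage, plus a MAC."""
    def __init__(self):
        self.dram = {}                      # untrusted: (ciphertext, tag)
        self.counters = {}                  # trusted: modelled as on-chip state
    def _ctx(self, addr: int):
        return addr.to_bytes(8, "big"), self.counters[addr].to_bytes(8, "big")
    def write(self, addr: int, data: bytes):
        self.counters[addr] = self.counters.get(addr, 0) + 1
        a, c = self._ctx(addr)
        ct = xor(data, prf(b"enc", a, c))
        self.dram[addr] = (ct, prf(b"mac", a, c, ct))
    def read(self, addr: int) -> bytes:
        a, c = self._ctx(addr)
        ct, tag = self.dram[addr]
        if not hmac.compare_digest(tag, prf(b"mac", a, c, ct)):
            raise ValueError("stale or modified memory line")
        return xor(ct, prf(b"enc", a, c))

def replay_outcome(mem, addr=0x1000):
    """Write a value, snapshot DRAM, overwrite it, then restore the snapshot."""
    mem.write(addr, b"balance=0000100")
    snapshot = mem.dram[addr]
    mem.write(addr, b"balance=0000000")
    mem.dram[addr] = snapshot               # stale line put back in DRAM
    try:
        return mem.read(addr)               # deterministic scheme accepts it
    except ValueError:
        return None                         # counter mismatch exposes the replay
```

In the deterministic model the stale line decrypts cleanly to the old value; in the counter-bound model the MAC check fails because the trusted counter has moved on.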



