Editing Vulnerabilities
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 474: | Line 474: | ||
= Secure Loader (software) - AMD Platform Security Processor (hardware) = | = Secure Loader (software) - AMD Platform Security Processor (hardware) = | ||
* The PS5 | * The PS5 APU is a custom AMD ZEN 2 Ryzen chip that includes the [[AMD Platform Security Processor]] and the AMD SMU. | ||
* The AMD Platform Security Processor runs the [[Secure Loader]] that is in charge of loading and executing [[Secure Modules]], like on PS4. The Secure Loader exports some SM management services to kernel through a mailbox. | * The AMD Platform Security Processor runs the [[Secure Loader]] that is in charge of loading and executing [[Secure Modules]], like on PS4. The Secure Loader exports some SM management services to kernel through a mailbox. | ||
* With a | * With a Hypervisor exploit, it is possible to exploit a vulnerability to dump the AMD Platform Security Processor memory. This dump contains the PS5 [[Secure Loader]]. This leads to PS5 symmetric root keys dump, that can then be used for decryption of most Secure Modules. This allows to decrypt on PC most parts of the PS5 System Software files (see also PS Vita 0xAA key fail impact) including: | ||
* | * secure modules | ||
* | * PUP | ||
* kernel boot loader / | * kernel boot loader / BIOS | ||
* non-secure | * non-secure kernel | ||
* usermode system | * usermode system modules | ||
== <=2.70 - Software vulnerability leading to Secure Loader dump from Hypervisor == | == <=2.70 - Software vulnerability leading to Secure Loader dump from Hypervisor == |