• Technology

    New Phoenix RowHammer attack cracks open DDR5 memory defenses in minutes

    AnyFans Posted on

    By Sead Fadilpašić

    Copyright techradar

    New Phoenix RowHammer attack cracks open DDR5 memory defenses in minutes

    Skip to main content

    Tech Radar Pro

    Tech Radar Gaming

    Close main menu

    the business technology experts

    België (Nederlands)

    Deutschland

    North America

    US (English)

    Australasia

    New Zealand

    View Profile

    Search TechRadar

    Expert Insights

    Website builders

    Web hosting

    Best web hosting
    Best office chairs
    Best website builder
    Best antivirus
    Expert Insights

    Don’t miss these

    New Spectre-based CPU vulnerability allows guests to steal sensitive data from the cloud

    AMD warns worrying new Spectre, Meltdown-esque flaw could affect top CPUs – here’s what we know

    Rising prices of DDR4, DDR5, GDDR6 RAM set to cause havoc on PC, smartphone and GPU prices – and no, AI is not the one to be blamed

    Want to upgrade the DDR4 RAM in your PC? New report is a clear signal you should buy sooner rather than later

    After Sandisk, D-Matrix is proposing an intriguing alternative to the big HBM AI puzzle with 10x better performance with 10x better energy efficiency

    CISA warns hackers are actively exploiting critical CitrixBleed 2

    This surprisingly simple way to hide hardware security keys in mainstream flash memory could pave the way for ultra-secure storage very soon

    Quantum computing explained: what it means for cybersecurity — and why it’s coming faster than you think

    Researchers reveal passkeys may not be as safe as we think they are – here’s how to stay safe

    Security flaws in key Nvidia enterprise tool could have let hackers run malware on Windows and Linux systems

    Gigabyte quietly releases a GPU-type card that adds 1TB RAM to your workstation, but it will absolutely not be cheap

    Millions of Dell laptops at risk due to Broadcom chip security flaw – here’s how you can stay safe

    A new malware is infecting Gigabyte motherboards – and there likely won’t be a fix any time soon

    Google urgently patches major Qualcomm security flaw hitting Android phones – so make sure you update now

    SharePoint-ageddon attacks riddled with free Warlock ransomware – and thousands of services could be compromised

    New Phoenix RowHammer attack cracks open DDR5 memory defenses in minutes

    Sead Fadilpašić

    16 September 2025

    It took researchers less than two minutes to crack open a computer

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

    (Image credit: Shutterstock)

    Phoenix RowHammer variant affects DDR5 desktop systems, bypassing all known mitigations on SK Hynix chips
    Attackers can gain root access and steal RSA keys within minutes using default system settings
    Researchers recommend tripling refresh rates, as DRAM devices cannot be patched and remain vulnerable long-term

    Standard, production-grade desktop systems were, for the first time ever, found vulnerable to a variant of RowHammer, a hardware-based security vulnerability affecting DDR5 chips.

    RowHammer affects Dynamic Random-Access Memory (DRAM) chips and allows attackers to manipulate memory contents by repeatedly accessing – “hammering” – a specific row of memory cells.
    This causes electrical interference that can flip bits in adjacent rows, without actually accessing those rows, and results in privilege escalation, remote exploits, and different mobile vulnerabilities.

    You may like

    New Spectre-based CPU vulnerability allows guests to steal sensitive data from the cloud

    AMD warns worrying new Spectre, Meltdown-esque flaw could affect top CPUs – here’s what we know

    Rising prices of DDR4, DDR5, GDDR6 RAM set to cause havoc on PC, smartphone and GPU prices – and no, AI is not the one to be blamed

    Privilege escalation and root access
    The vulnerability was first spotted more than a decade ago, and has been addressed through patches multiple times. However, as RAM chips get better – and memory cells get squeezed closer together – the risk of RowHammer attacks increases.

    The latest discovery is called Phoenix, and is tracked as CVE-2025-6202. It was given a severity score of 7.1/10 (high), and successfully bypasses all known mitigations on chips built by South Korean semiconductor manufacturer SK Hynix.
    “We have proven that reliably triggering RowHammer bit flips on DDR5 devices from SK Hynix is possible on a larger scale,” ETH Zürich said. “We also proved that on-die ECC does not stop RowHammer, and RowHammer end-to-end attacks are still possible with DDR5.”
    The researchers are claiming they can trigger privilege escalation and gain root access on a DDR5 system with default settings in less than two minutes. Practical use includes stealing RSA-2048 keys of a co-located virtual machine, thus breaking SSH authentication. A separate scenario includes using the sudo binary to escalate local privileges to the root user.

    Are you a pro? Subscribe to our newsletter
    Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
    Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
    “As DRAM devices in the wild cannot be updated, they will remain vulnerable for many years,” the analysts said in the paper. “We recommend increasing the refresh rate to 3x, which stopped Phoenix from triggering bit flips on our test systems.” In this context, it is perhaps worth mentioning that after RowHammer was first disclosed in 2014, vendors like Intel and DRAM manufacturers introduced increased refresh rates and target row refresh (TRR) mechanisms as mitigation measures.
    Via The Hacker News
    You might also like

    Nvidia warns users some GPUs could be at risk of damaging cyberattack – here’s what we know
    Take a look at our guide to the best authenticator app
    We’ve rounded up the best password managers

    Sead Fadilpašić

    Social Links Navigation

    Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

    You must confirm your public display name before commenting

    Please logout and then login again, you will then be prompted to enter your display name.

    New Spectre-based CPU vulnerability allows guests to steal sensitive data from the cloud

    AMD warns worrying new Spectre, Meltdown-esque flaw could affect top CPUs – here’s what we know

    Rising prices of DDR4, DDR5, GDDR6 RAM set to cause havoc on PC, smartphone and GPU prices – and no, AI is not the one to be blamed

    Want to upgrade the DDR4 RAM in your PC? New report is a clear signal you should buy sooner rather than later

    After Sandisk, D-Matrix is proposing an intriguing alternative to the big HBM AI puzzle with 10x better performance with 10x better energy efficiency

    CISA warns hackers are actively exploiting critical CitrixBleed 2

    Latest in Security

    Former FinWise employee may have stolen sensitive data on 689,000 American First Finance customers

    The countdown is on – Chinese firms now have just an hour to report cybersecurity incidents

    North Korean hackers generate fake South Korean military ID using ChatGPT

    Bags of info stolen from multiple top luxury brands – double check your data now

    Google confirms hackers created their own account in sensitive law enforcement portal

    Chinese malware is flooding GitHub pages – HiddenGh0st, Winos and kkRAT hit devs via SEO poisoning

    Latest in News

    ExpressVPN’s latest update makes using its iPhone VPN even easier – here’s all you need to know

    TechRadar Choice Awards 2025: Fitness & Home Tech categories – vote for your winners now!

    How to watch Love Island Games season 2 online and for FREE from anywhere

    TikTok to be saved in the US as Trump confirms a deal with China ahead of upcoming ban

    OpenAI reveals biggest-ever study of how people are using ChatGPT – here are 3 things we’ve learned

    TechRadar Choice Awards 2025: TV, Streaming & Audio categories – vote for your winners now!

    LATEST ARTICLES

    New Phoenix RowHammer attack cracks open DDR5 memory defenses in minutes

    The countdown is on – Chinese firms now have just an hour to report cybersecurity incidents

    Former FinWise employee may have stolen sensitive data on 689,000 American First Finance customers

    Seagate’s 22TB desktop HDD deal is the best I’ve seen in a while at $10.91/TB – Expansion hard drive is on sale at Seagate for $240 and even includes free data recovery

    Researchers warn that skill erosion caused by AI could have a devastating and lasting impact on businesses – but it may already be too late

    TechRadar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.

    Contact Future’s experts

    Terms and conditions

    Privacy policy

    Cookies policy

    Advertise with us

    Web notifications

    Accessibility Statement

    Future US, Inc. Full 7th Floor, 130 West 42nd Street,

    Please login or signup to comment

    Please wait…

    You Might Also Like