Pradeep_Pappachan
Jul 06, 2023 Copper Contributor
Remote Attestation Attack on AMD SEV-SNP CVM in Azure
Following the 1st scenario ("request in separate workload") on this page (https://learn.microsoft.com/en-us/azure/confidential-computing/guest-attestation-confidential-vms), after step 2, is it not...
Kidd_Ip
Mar 13, 2026 MVP
A malicious guest operating system cannot substitute or replay an attestation report within Azure SEV-SNP Confidential VMs. The attestation process is cryptographically anchored to AMD’s hardware root of trust and validated through the Microsoft Azure Attestation (MAA) service. Each report is hardware-signed and incorporates unique VM identifiers, freshness nonces, and ephemeral keys, ensuring authenticity, binding to the originating VM, and protection against replay or substitution attacks.
https://learn.microsoft.com/en-us/azure/confidential-computing/guest-attestation-confidential-vms
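The relying-party side of the nonce and key binding described in the reply above, as an added example that is not part of the thread and is not Azure or AMD code. It is a simplified model: the `Evidence` struct, the `SHA-512(nonce || guestKey)` binding and all function names are assumptions for illustration, not the real SNP report or MAA token layout, and a locally generated ECDSA P-384 key stands in for the hardware signing key.

```go
package main
import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha512"
	"fmt"
)

// Evidence is a simplified model, not the real SNP report or MAA token layout.
type Evidence struct {
	ReportData []byte // 64 bytes: SHA-512(nonce || guestKey), an assumed binding
	Sig        []byte // ECDSA P-384 signature over SHA-384(ReportData)
}
// NewHWKey stands in for the per-chip signing key that never leaves hardware.
func NewHWKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
}
// bind ties one verifier nonce to one guest key (fixed-length nonce assumed).
func bind(nonce, guestKey []byte) []byte {
	h := sha512.Sum512(append(append([]byte{}, nonce...), guestKey...))
	return h[:]
}
// Attest models the hardware producing signed evidence for one request.
func Attest(hw *ecdsa.PrivateKey, nonce, guestKey []byte) (Evidence, error) {
	rd := bind(nonce, guestKey)
	d := sha512.Sum384(rd)
	sig, err := ecdsa.SignASN1(rand.Reader, hw, d[:])
	return Evidence{ReportData: rd, Sig: sig}, err
}

// Verify is the relying-party check: signature first, then freshness and key binding.
func Verify(pub *ecdsa.PublicKey, ev Evidence, nonce, guestKey []byte) error {
	d := sha512.Sum384(ev.ReportData)
	if !ecdsa.VerifyASN1(pub, d[:], ev.Sig) {
		return fmt.Errorf("signature invalid")
	}
	if !bytes.Equal(ev.ReportData, bind(nonce, guestKey)) {
		return fmt.Errorf("nonce or key binding mismatch")
	}
	return nil
}

func main() {
	hw, _ := NewHWKey()
	ev, _ := Attest(hw, []byte("nonce-1 (constructed)"), []byte("guest-key"))
	fmt.Println(Verify(&hw.PublicKey, ev, []byte("nonce-2 (constructed)"), []byte("guest-key")))
}
```

Evidence presented against a different nonce or a different guest key fails the binding check, and rewriting `ReportData` to match fails the signature check because the signing key is not available to the guest.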