Intel roasts AMD and Nvidia in its latest product security report, claiming AMD has vulnerabilities with no fix planned, Nvidia has only high-severity security bugs [Updated]

13th Generation Intel CPU
(Image credit: Intel)

Update 2/12/2025 3:16pm PT: Our original report said Intel highlighted 78 AMD vulnerabilities with no fix planned, but that was incorrect. AMD has six vulnerabilities with no planned fix, which impacts a total of 78 AMD SKUs. We have corrected the text below.


Intel threw shade at its two biggest competitors in its latest product security report, claiming that AMD has over four times more firmware vulnerabilities while Nvidia had 80% more GPU security issues.

The first three points of the key findings summary for Intel's 2024 Intel Product Security Report focused mostly on itself, highlighting the performance of its internal security research team, saying that it uncovered 96% of new vulnerabilities internally last year and that 100% of hardware issues were discovered within the company.

Intel's last three points focused on its two biggest competitors: AMD and Nvidia. According to Intel, the former reported “4.4x more firmware vulnerabilities in their hardware root-of-trust” and “1.8x more firmware vulnerabilities in their confidential computing technologies” when compared. It also criticized Nvidia in the GPU category, saying it “had only high-severity vulnerabilities (18)” for 2024.

Aside from these summaries, Intel continued with more details in the report. It said that AMD discovered only about 57% of reported platform vulnerabilities, meaning security researchers or the public have found the remaining 43%. Additionally, AMD has vulnerabilities impacting its Secure Processor engine that are currently listed as “No fix planned,” meaning AMD has no solution, and those six vulnerabilities impact a total of 78 different SKUs. This is in contrast with Intel, saying that it has provided mitigations or solved all hardware root-of-trust vulnerabilities in all supported SKUs. Intel claims all its root-of-trust bugs were found internally and touts its established bug bounty program. Notably, AMD also has a bug bounty program.

On the GPU front, the company claimed that it has the fewest vulnerabilities, saying that there were only 10 reported issues on Intel GPUs, of which only one is noted as a high or severe threat, and the rest are labeled as medium. On the other hand, Nvidia reported 18 security vulnerabilities—all of which are marked as high severity, with 13 of them potentially allowing a bad actor to execute code on the affected PC.

Intel says it prioritizes security within its CPUs and GPUs, even though China accused it of massive security flaws in October 2024. While we should always be skeptical of information like this, especially as this is Intel patting itself on the back, we can easily check these reports on public databases like the National Vulnerability Database as well as in the security bulletins of the respective companies.

Aside from claiming its products are the most secure, Intel is also trying to take AMD and Nvidia down a peg. Now probably isn't the time for that -- although Intel still owns a majority market share in x86 CPUs, AMD recently jumped by 5.7 percentage points in 3Q24, just as Team Blue grappled with the Intel 13th- and 14th-gen instability issues and its disastrous financial results released in late July.

Simultaneously, Intel is also trying to take on Nvidia in the AI chip space with Gaudi 3, but it has so far failed to hit its target and recently canceled its next-gen Falcon Shores entirely, meaning the company won't have a competitive AI part for the public for over a year. Meanwhile, Jensen Huang and Nvidia are raking in billions due to the demand for their hardware.

TOPICS
Jowi Morales
Contributing Writer

Jowi Morales is a tech enthusiast with years of experience working in the industry. He’s been writing with several tech publications since 2021, where he’s been interested in tech hardware and consumer electronics.

Read more
AMD patches a critical microcode vulnerability affecting Zen 1 to Zen 4 EPYC CPUs
GeForce RTX 40-series GPUs
Nvidia's mid-January GPU driver update addresses several vulnerabilities and exploits
Fire Range 1
AMD says Intel's 'horrible product' is causing Ryzen 7 9800X3D shortages
Intel
The week in chip news: Intel gets a new CEO, China chip smuggling, AMD dominates
Ryzen CPU with 3D V-Cache
'You can now jailbreak your AMD CPU' — Google researchers release kit to exploit microcode vulnerability in Ryzen Zen 1 to Zen 4 chips
AMD
AMD launches Ryzen 9 9950X3D and 9900X3D, claims 20% faster gaming performance than Intel’s flagship Arrow Lake processors
Latest in Cyber Security
GeForce RTX 3090
Akira ransomware can be cracked with 16 RTX 4090 GPUs in around ten hours — new counterattack breaks encryption
Crypto Hacker
FBI identifies North Korea as source of $1.5 billion ByBit hack
A broken lock on a PCB.
Apartment buildings broken into with phone in minutes — IoT-connected intercoms using default creds vulnerable to anyone with Google
Streamjackers want your digital treasures
CS2 fans targeted by Streamjackers — viewers swindled out of crypto and Steam valuables
Eight Sleep's Pod 4 Ultra Smart Bed
Security researcher finds vulnerability in internet-connected bed, could allow access to all devices on network
13th Generation Intel CPU
Intel roasts AMD and Nvidia in its latest product security report, claiming AMD has vulnerabilities with no fix planned, Nvidia has only high-severity security bugs [Updated]
Latest in News
Despite external similarities, the RTX 3090 is not at all the same hardware as the RTX 4090 — even if you lap the GPU and apply AD102 branding.
GPU scam resells RTX 3090 as a 4090 — complete with a fake 'AD102' label on a lapped GPU
Inspur
US expands China trade blacklist, closes susidiary loopholes
WireView Pro 90 degrees
Thermal Grizzly's WireView Pro GPU power measuring utility gets a 90-degree adapter revision
Qualcomm
Qualcomm launches global antitrust campaign against Arm — accuses Arm of restricting access to technology
Nvidia Ada Lovelace and GeForce RTX 40-Series
Analyst claims Nvidia's gaming GPUs could use Intel Foundry's 18A node in the future
Core Ultra 200S CPU
An Arrow Lake refresh may still be in the cards with only K and KF models, claims leaker
  • MoxNix
    Putting it bluntly Intell is full of it.
    Reply
  • Pierce2623
    Sure guys, of course we believe you….
    Reply
  • TheSecondPower
    Aside from claiming its products are the most secure, Intel is also trying to take AMD and Nvidia down a peg. Now probably isn't the time for that.
    Isn't it though? Intel is arguing that if security is important to you when shopping, Intel should get some points for it. As I recall, AMD similarly jabbed Intel during the Spectre days. (And I believe a similar though less-severe vulnerability was found in AMD CPUs just a short time later.)
    Reply
  • eichwana
    Can't take advantage of a vulnerability if the chip has burned out
    Reply
  • ottonis
    Psychologically, mocking competitors is a sign of own insecurity rather than dominance.
    Reply
  • subspruce
    eichwana said:
    Can't take advantage of a vulnerability if the chip has burned out
    yeah Intel 14th gen Suicide Lake has no usable vulnerability because it is not usable.
    Reply
  • stuff and nonesense
    TheSecondPower said:
    Isn't it though? Intel is arguing that if security is important to you when shopping, Intel should get some points for it. As I recall, AMD similarly jabbed Intel during the Spectre days. (And I believe a similar though less-severe vulnerability was found in AMD CPUs just a short time later.)
    Ryzenfall? The attempt to make AMD stock tank.. nah
    Reply
  • Gururu
    Smells like AMD boasting about AI performance over nVidia and getting hammed for it. Stay in your lane companies!
    Reply
  • DS426
    Intel's report sounds like its narrative was either written by AI or child. "More = bad, less = goooooood!" Lol, there's so much more to cybersecurity than raw numbers of vulnerabilities, such as exploitability characteristics (ease of exploitation, reliability in (re)producing, proof-of-concept code, how common in the wild, etc.), CVSS scores, time-to-patch of the software/hardware vendors, and so on. Context is needed around each vulnerability. There's other nuances to consider as well, but no need for me to ramble on.

    That paper become a marketing paper rather than a pure security one, which is a shame. Should Intel get security brownie points? Meh, I'll say sure for governments and large enterprises. Is it serious enough to overcome their performance, efficiency, and overall Total Cost of Ownership problems? That's for each individual and organization to decide, but at the consumer level, Intel's arguments are completely moot; how many consumers are running however old CPU's and motherboards with old BIOS versions, EOS Operating Systems like Windows 7 and/or not keeping up on Windows Update (yes, forgive me Linux crowd as I'm just scoping Windows users this time), and so on.
    Reply
  • husker
    To the naysayers who posted above...

    You can't just say no it isn't and call that an argument
    Reply