Your CPU Is the New Software: Exploiting Architectural Bugs at Hardware Speed
Modern computer security has long assumed that software contains bugs and hardware is secure. Over the past decade, this assumption has steadily eroded. First, side channels exposed indirect leakage of secrets. Then, transient-execution attacks demonstrated that CPUs can violate their own security boundaries during speculative or out-of-order execution. Today, a new class of attacks goes one step further: architectural CPU vulnerabilities, in which hardware directly produces incorrect results that can be exploited in much the same way as classic software bugs.
This talk demonstrates that CPUs must be treated like software: just as prone to bugs, but faster, harder to debug, and deployed at massive scale. Using real-world examples on Intel, AMD, and T-Head RISC-V CPUs, the talk shows how attackers can manipulate architectural state, bypass security checks, and gain arbitrary read and write primitives without relying on traditional side channels or software vulnerabilities. These CPU vulnerabilities enable direct exploitation of systems across isolation boundaries, from virtual memory to trusted execution environments. The talk concludes by discussing why current testing and mitigation approaches are insufficient, and what it would take to build CPUs that deserve the same security expectations we apply to software.