Benedict Markus Schlüter

Security Researcher

Security researcher with comprehensive knowledge of x86 and Arm architectures and a history of finding vulnerabilities in systems powering millions of servers.

Education

  • Doctoral Student Feb. 2023 - Sep. 2026
    ETH Zurich, Switzerland
  • M.Sc, IT-Security Oct. 2021 - Oct. 2022
    Ruhr University Bochum, Germany
    Grade: 88% (fastest graduate, finished in 1 instead of 2 years)
  • B.Sc, Electrical Engineering since Oct. 2021
    Ruhr University Bochum, Germany
    Grade: 88% 110/180 ECTS (studying EE as a side quest)
  • B.Sc, IT-Security Oct. 2018 - Sep. 2021
    Ruhr University Bochum, Germany
    Grade: 96% (highest GPA in the graduation year out of 250)

Selected Publications

  • BreakFAST: Confused Deputy Attack on Infinity Fabric to Break AMD SEV-SNP
    IEEE S&P 2026 / Distinguished Paper Award | Philipp Giersfeld*, Benedict Schlüter*, Shweta Shinde
  • Fabricked: Misconfiguring Infinity Fabric to Break AMD SEV-SNP
    USENIX Security 2026 | Benedict Schlüter*, Christoph Wech*, Shweta Shinde
  • RMPocalypse: How a Catch-22 Breaks AMD SEV-SNP
    CCS 2025 | Benedict Schlüter, Shweta Shinde
  • WeSee: Using Malicious #VC Interrupts to Break AMD SEV-SNP
    IEEE S&P 2024 / Distinguished Paper Award | Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, Shweta Shinde

For a full list of publications and manuscripts, please visit my Publications page or Google Scholar.

Impact & CVEs

  • CVE-2021-29155 / CVE-2021-34556 / CVE-2021-33624: Three speculative execution vulnerabilities in the Linux eBPF subsystem. Led to disabling unprivileged eBPF by default in Linux.
  • CVE-2024-25742 / 2024-2574 / 2024-25744: Interrupt injection attack vector compromising virtual machines across Intel and AMD.
  • CVE-2024-29970 / CVE-2024-29971 / CVE-2024-25371: Signal injection into SGX enclaves resulting in state corruption (EnclaveOS, Scone, Gramine).
  • CVE-2025-0033: Insufficient protection of the SEV-SNP RMP during initialization.
  • CVE-2025-54510 / CVE-2025-54509 / CVE-2025-61971 / CVE-2025-61972: Embargoed vulnerabilities related to platform architecture and coherency.

Work Experience

  • Doctoral Student since Feb. 2023
    ETH Zurich
    Expert in AMD x86 architecture, specifically SEV-SNP security frameworks. Identified multiple novel platform-level vulnerabilities. Highly familiar with KVM internals and developed exploits for various vulnerabilities.
  • Security Software Engineer Oct. 2021 - Sep. 2022
    Edgeless Systems GmbH
    Designed and implemented high-availability backends in Golang for Constellation. Focused on secure inter-node state exchange using gRPC and bootstrapping Kubernetes clusters within dynamic WireGuard VPNs.
  • Teaching Assistant / Lecturer Oct. 2019 - Jan. 2023
    Ruhr University Bochum
    Head TA for a first-year architecture lecture (600+ attendees). Lecturer for second-year System Theory.

Awards & Honors

  • Distinguished Paper Award 2026 & 2024
    IEEE S&P
  • Google PhD Fellowship 2025
    Privacy, Safety, and Security
  • Pwnie Award Finalist 2024
    Most Innovative Research
  • Eurobits Excellence Award 2022
    Best German info-sec thesis
  • G-DATA Award & ESCRYPT Young Talent Award 2022
    Top academic achievements at RUB
[email protected]