trusted computing group vulnerabilities and exploits

(subscribe to this query)

TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata 1.83 of TCG standard TPM2.0

Trusted Computing Group Tpm2.0

An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashin...

Trusted Computing Group Tpm2.0 Trustedcomputinggroup Trusted Platform Module 2.0 Microsoft Windows 10 1507 Microsoft Windows 10 1607 Microsoft Windows 10 1809 Microsoft Windows 10 20h2 Microsoft Windows 10 21h2 Microsoft Windows 10 22h2 Microsoft Windows 11 21h2 Microsoft Windows 11 22h2 Microsoft Windows Server 2016 Microsoft Windows Server 2019

2 Github repositories1 Article

An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the ...

Trusted Computing Group Tpm2.0 Trustedcomputinggroup Trusted Platform Module 2.0 Microsoft Windows 10 1507 Microsoft Windows 10 1607 Microsoft Windows 10 1809 Microsoft Windows 10 20h2 Microsoft Windows 10 21h2 Microsoft Windows 10 22h2 Microsoft Windows 11 21h2 Microsoft Windows 11 22h2 Microsoft Windows Server 2016 Microsoft Windows Server 2019

2 Github repositories1 Article

Trusted Computing Group (TCG) Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 up to and including 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USE_DA_USED. Improper initialization of this shut-down may result in su...

Trustedcomputinggroup Trusted Platform Module 2.0

An issue exists that affects all producers of BIOS firmware who make a certain realistic interpretation of an obscure portion of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2.0 specification. An abnormal case is not handled properly by this firmware while S3 s...

Trustedcomputinggroup Trusted Platform Module 2.0

1 Github repository

tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In affected versions `Tss2_RC_SetHandler` and `Tss2_RC_Decode` both index into `layer_handler` with an 8 bit layer number, but the array ...

Tpm2-software Tpm2-tss Tpm2 Software Stack Project Tpm2 Software Stack

Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived from the TPM 2.0 reference implementation code published by the Trusted Computing Group, is prone to a potential out of bounds (OOB) read vulner...

Stefanberger Libtpms

Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...

Apache Software Foundation Apache Log4j2 Siemens 6bk1602-0aa12-0tp0 Firmware Siemens 6bk1602-0aa22-0tp0 Firmware Siemens 6bk1602-0aa32-0tp0 Firmware Siemens 6bk1602-0aa42-0tp0 Firmware Siemens 6bk1602-0aa52-0tp0 Firmware Apache Log4j Apache Log4j 2.0 Siemens Sppa-t3000 Ses3000 Firmware Siemens Capital Siemens Capital 2019.1 Siemens Comos

2 Metasploit modules881 Github repositories29 Articles

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook