Skip to main content

Trusted Platform Module (TPM) Multiple Vulnerabilities

Release Date: 6 Mar 2023 4650 Views

RISK: Medium Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

Multiple vulnerabilities were identified in Trusted Platform Module (TPM). An attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure and elevation of privilege on the targeted system.

 

Trusted Platform Module (TPM) technology is a hardware-based solution that provides secure cryptographic functions to the operating systems on modern computers, making it resistant to tampering. TPM can be implemented in hardware form, virtual TPM's in Hypervisor form or in a purely software-based implementation. Hardware and software manufacturers use these specifications to build firmware that complies with standards and provides a secure interface to sensitive cryptographic data. TPM is employed in a variety of devices, from enterprise-grade hardware to Internet of Things (IoT) appliances.


Impact

  • Information Disclosure
  • Elevation of Privilege

System / Technologies affected

  • Trusted Platform Module (TPM) 2.0 reference library specification Level 00, Revision 01.59 November 2019

Solutions

Apply any updates provided by hardware and software manufacturers. Updating the firmware of TPM chips may be necessary, and this can be done through an OS vendor or the original equipment manufacturer (OEM). Users can refer to the following link

 


Vulnerability Identifier


Source


Related Link