Lucene search
MitreCVELIST:CVE-2023-30633HistoryOct 19, 2023 - 12:00 a.m.
CVE-2023-30633
2023-10-1900:00:00
mitre
www.cve.org
treeconfigdriver
insydeh2o
tpm pcr
platform configuration registers
windows
vulnerability
surface pro
An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It can report false TPM PCR values, and thus mask malware activity. Devices use Platform Configuration Registers (PCRs) to record information about device and software configuration to ensure that the boot process is secure. (For example, Windows uses these PCR measurements to determine device health.) A vulnerable device can masquerade as a healthy device by extending arbitrary values into Platform Configuration Register (PCR) banks. This requires physical access to a target victim’s device, or compromise of user credentials for a device. This issue is similar to CVE-2021-42299 (on Surface Pro devices).
Related
nvd
nvd
CVE-2023-30633
2023-10-19 20:15:08
CVE-2021-42299
2021-10-20 22:15:07
cve
cve
CVE-2023-30633
2023-10-19 20:15:08
CVE-2021-42299
2021-10-20 22:15:07
prion
prion
Design/Logic Flaw
2023-10-19 20:15:00
Security feature bypass
2021-10-20 22:15:00
mscve
mscve
Microsoft Surface Pro 3 Security Feature Bypass Vulnerability
2021-10-18 07:00:00
kaspersky
kaspersky
KLA12326 SB vulnerability in Microsoft Device
2021-10-18 00:00:00
thn
thn
Microsoft Warns of New Security Flaw Affecting Surface Pro 3 Devices
2021-10-20 07:20:00
cvelist
cvelist
CVE-2021-42299 Microsoft Surface Pro 3 Security Feature Bypass Vulnerability
2021-10-20 21:15:10