Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Trusted Platform Module Security Vulnerabilities

cve
cve

CVE-2023-1017

An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process.....

7.8CVSS

7.9AI Score

0.0005EPSS

2023-02-28 07:15 PM
215
cve
cve

CVE-2023-1018

An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the...

5.5CVSS

6.3AI Score

0.001EPSS

2023-02-28 06:15 PM
178
cve
cve

CVE-2020-26933

Trusted Computing Group (TCG) Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USE_DA_USED. Improper initialization of this shut-down may result in susceptibility to a dictionary...

7.2CVSS

6AI Score

0.0004EPSS

2020-11-18 05:15 PM
17
cve
cve

CVE-2018-6622

An issue was discovered that affects all producers of BIOS firmware who make a certain realistic interpretation of an obscure portion of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2.0 specification. An abnormal case is not handled properly by this firmware while S3 sleep and...

7.1CVSS

6.8AI Score

0.0004EPSS

2018-08-17 06:29 PM
29
cve
cve

CVE-2017-16837

Certain function pointers in Trusted Boot (tboot) through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module (TPM) by hooking these function...

7.8CVSS

7.5AI Score

0.0004EPSS

2017-11-16 02:29 AM
42
cve
cve

CVE-2017-15361

The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various...

5.9CVSS

5.7AI Score

0.004EPSS

2017-10-16 05:29 PM
151
2
cve
cve

CVE-2017-10606

Version 4.40 of the TPM (Trusted Platform Module) firmware on Juniper Networks SRX300 Series has a weakness in generating cryptographic keys that may allow an attacker to decrypt sensitive information in SRX300 Series products. The TPM is used in the SRX300 Series to encrypt sensitive...

4.4CVSS

4.5AI Score

0.0004EPSS

2017-10-13 05:29 PM
19