6 matches found
Design/Logic Flaw
An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It can report false TPM PCR values, and thus mask malware activity. Devices use Platform Configuration Registers PCRs to record information about device and software configuration to ensure that the boot...
CVE-2023-30633
CVE-2023-30633 affects Insyde InsydeH2O’s TrEEConfigDriver (kernel 5.0–5.5). The issue allows reporting of false TPM PCR values, enabling a device to masquerade as healthy by extending arbitrary data into PCR banks. Impact depends on PCR integrity, potentially masking malware activity; exploit re...
CVE-2021-42299
creationtimestamp| type| source ---|---|--- 2021-10-21 10:49:02+00:00| published-proof-of-concept| https://t.me/hackertrick/320 2021-10-21 13:11:26+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/4566 2023-10-20 00:34:52+00:00| seen| https://t.me/cibsecurity/72631...
CVE-2021-42299 Microsoft Surface Pro 3 Security Feature Bypass Vulnerability
...
CVE-2021-42299
CVE-2021-42299 affects Microsoft Surface Pro 3 and is described as a security feature bypass vulnerability. From the provided data, the vulnerability is local in scope (attack vector LOCAL, no user interaction required per CVSS), with partial confidentiality and integrity impact and no availabili...
Microsoft Warns of New Security Flaw Affecting Surface Pro 3 Devices
Microsoft has published a new advisory warning of a security bypass vulnerability affecting Surface Pro 3 convertible laptops that could be exploited by an adversary to introduce malicious devices within enterprise networks and defeat the device attestation mechanism. Tracked as CVE-2021-42299 CV...