CVE-2023-36717

Windows Virtual Trusted Platform Module Denial of Service Vulnerability...

CVE-2023-36718

Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability...

CVE-2023-36718

Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability...

CVE-2023-36717

Windows Virtual Trusted Platform Module Denial of Service Vulnerability...

Remote code execution

Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability...

Denial of service

Windows Virtual Trusted Platform Module Denial of Service Vulnerability...

CVE-2023-36718 Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability

...

CVE-2023-36717 Windows Virtual Trusted Platform Module Denial of Service Vulnerability

...

CVE-2023-36718

CVE-2023-36718: Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability. CVSS 3.1: Attack Vector LOCAL, Attack Complexity HIGH, Privileges Required LOW, User Interaction NONE, Scope CHANGED, with Confidentiality, Integrity, and Availability impacts rated HIGH. Exploitation s...

CVE-2023-36718 Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability

...

CVE-2023-36717

Technical details for CVE-2023-36717 are not publicly available in the provided documents. Monitor for updates from official advisories and vendor notices.

Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability

...

Microsoft Windows Virtual Trusted Platform Module Security Vulnerability

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in the Microsoft Windows Virtual Trusted Platform Module. An attacker could exploit the vulnerability to remotely execute code. The...

PT-2023-6060 · Microsoft · Virtual Trusted Platform Module +1

Name of the Vulnerable Software and Affected Versions: Microsoft Virtual Trusted Platform Module affected versions not specified Description: The issue is related to insufficient input validation in the virtual trusted platform module of Windows operating systems. This can be exploited by attacke...

Duplicate Advisory: EVE Freely Allocates Buffer on The Stack With Data From Socket

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-phcg-h58r-gmcq. This link is maintained to preserve external references. Original Description As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing...

CVE-2023-43632

As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing limited functionality of the TPM to the clients. VTPM allows clients to execute tpm2-tools binaries from a list of hardcoded options” The communication with this server is done using...

Duplicate Advisory: EVE Seals Vault Key With SHA1 PCRs

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-wc42-fcjp-v8vq. This link is maintained to preserve external references. Original Description Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism...

Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Unmeasured Boot (CVE-2019-1589)

A vulnerability in the Trusted Platform Module TPM functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. The...

Keylime 安全漏洞

Keylime is an open source extensible trust system for Keylime that utilizes TPM technology. A security vulnerability exists in Keylime. An attacker exploited the vulnerability to cause a denial of service on the system...

Keylime 安全漏洞

Keylime is an open source extensible trust system for Keylime that utilizes TPM technology. A security vulnerability exists in keylime that stems from the inability of the keylime validation program to mark a TPM quote submitted by a device as having an error...