Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Github Security Blog
Github Security Blogadded 2022/02/11 11:18 p.m.42 views

TPM 1.2 key authorization values vulnerable to TPM transport eavesdropper in go-tpm

Impact TPM 2.0 users are unaffected by this issue. An adversary eavesdropping on the TPM 1.2 transport path can calculate usageAuth for a key created with CreateWrapKey, even though this value is encrypted as part of the TPM 1.2 command protocol. The TPM 1.2 CreateWrapKey command accepts two...

7.1CVSS6.7AI score0.00017EPSS
Exploits1References6Affected Software1
OSV
OSVadded 2022/02/11 11:18 p.m.12 views

GHSA-5X29-3HR9-6WPW TPM 1.2 key authorization values vulnerable to TPM transport eavesdropper in go-tpm

Impact TPM 2.0 users are unaffected by this issue. An adversary eavesdropping on the TPM 1.2 transport path can calculate usageAuth for a key created with CreateWrapKey, even though this value is encrypted as part of the TPM 1.2 command protocol. The TPM 1.2 CreateWrapKey command accepts two...

7.1CVSS6.9AI score0.00017EPSS
Exploits1References6
NVD
NVDadded 2021/06/08 5:15 p.m.9 views

CVE-2021-32015

In Nuvoton NPCT75x TPM 1.2 firmware 7.4.0.0, a local authenticated malicious user with high privileges could potentially gain unauthorized access to TPM non-volatile memory. NOTE: Upgrading to firmware version 7.4.0.1 will mitigate against the vulnerability, but version 7.4.0.1 is not TCG or Comm...

6CVSS0.00045EPSS
Exploits0References1
CVE
CVEadded 2021/06/08 4:58 p.m.43 views

CVE-2021-32015

Summary: CVE-2021-32015 affects Nuvoton NPCT75x TPM 1.2 firmware 7.4.0.0. A locally authenticated, high-privilege attacker could gain unauthorized access to TPM non-volatile memory. Impact: local compromise of TPM NVRAM. Mitigation: update to firmware 7.4.0.1 (note: not TCG/CC certified). Vendors...

6CVSS5.8AI score0.00045EPSS
Exploits0References1Affected Software1
Lenovo
Lenovoadded 2021/06/08 2:44 p.m.31 views

Nuvoton TPM 1.2 Vulnerability - Lenovo Support US

No description provided...

6CVSS6AI score0.00045EPSS
Exploits0
Lenovo
Lenovoadded 2018/05/24 1:19 p.m.594 views

RSA Keys Generated by Infineon TPMs are Insecure - US

Lenovo Security Advisory: LEN-15552 Potential Impact: RSA keys generated by the Infineon TPM using certain firmware levels are insecure Severity: Varies; None to High Scope of Impact: Industry-Wide CVE Identifier: CVE-2017-15361 Summary Description: A vulnerability was identified in the RSA key...

4.3CVSS5.9AI score0.73437EPSS
Exploits0
NVD
NVDadded 2017/10/16 5:29 p.m.13 views

CVE-2017-15361

The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module TPM firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various...

5.9CVSS5.5AI score0.73437EPSS
Exploits0References22
Rows per page
Query Builder