New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprise Devices

By Ravie Lakshmanan — March 3^rd 2023 at 10:18

A pair of serious security defects has been disclosed in the Trusted Platform Module (TPM) 2.0 reference library specification that could potentially lead to information disclosure or privilege escalation. One of the vulnerabilities, CVE-2023-1017, concerns an out-of-bounds write, while the other, CVE-2023-1018, is described as an out-of-bounds read. Credited with discovering and reporting the

FreshRSS

New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprise Devices