CPE Details
Trusted Computing Group Trusted Platform Module (TPM) 2.0 Revision 1.40
2.0
2020-12-01
13h48 +00:00
13h48 +00:00
2020-12-01
13h48 +00:00
13h48 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:trustedcomputinggroup:trusted_platform_module:2.0:revision_1.40:*:*:*:*:*:*
Informations
Vendor
trustedcomputinggroupProduct
trusted_platform_moduleVersion
2.0Update
revision_1.40Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| Trusted Computing Group (TCG) Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USE_DA_USED. Improper initialization of this shut-down may result in susceptibility to a dictionary attack. | 7.2 |
High |
||
| An issue was discovered that affects all producers of BIOS firmware who make a certain realistic interpretation of an obscure portion of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2.0 specification. An abnormal case is not handled properly by this firmware while S3 sleep and can clear TPM 2.0. It allows local users to overwrite static PCRs of TPM and neutralize the security features of it, such as seal/unseal and remote attestation. | 7.1 |
High |
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.