The CERT warned that an Out Of Bounds read vulnerability in the CryptParameterDecryption() routine, allows 2-byte read access to data that was not part of the current session and writes two bytes after the end of the current command buffer, causing memory corruption. The two flaws were caused because of the way TPM reference spec processes parameters which are a part of TPM commands. The pair of vulnerabilities are tracked as CVE-2023-1017 and CVE-2023-1018, which can be exploited by sending malicious commands to a module by an authenticated local attacker allowing read-only access or overwriting protected data in the TPM firmware, leading to crash or arbitrary code execution as the attacker's payload running within the TPM may be undetectable by other components of the target device. The Trusted Platform Module technology is a hardware-based solution to provide security related functions to the OS on modern computers, and in recent years, due to the popularity of virtualization and cloud computing, software-based TPM implementations have also gained popularity. According to an advisory from CERT Coordination Center, a cybersecurity company Quarkslab identified a pair of severe security defects in the Trusted Platform Module (TPM)2.0 reference library specification, causing a massive cross-vendor effort to address vulnerable installations.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |