TPM 2.0 Library Vulnerabilities May Affect Billions of IoT Devices
Two separate vulnerabilities have been found in the Trusted Platform Module (TPM) 2.0 that could lead to information disclosure or escalation of privilege.
At a basic level, TPM is a hardware-based technology providing secure cryptographic functions to the operating systems on modern computers, making them resistant to tampering.
Affecting Revisions 1.59, 1.38 and 1.16 of the module’s reference implementation code, the flaws were first discovered by security researchers at Quarkslab in November. Earlier this week, the company concluded a coordinated disclosure process with the CERT Coordination Center and the Trusted Computing Group (TCG). TCG publishes the TPM 2.0 Library specification.
The disclosed flaws occur when handling malicious TPM 2.0 commands with encrypted parameters. Both are in the `CryptParameterDecryption` function, which is defined in the TCG document.
The first of the vulnerabilities (CVE-2023-1018) is an out-of-bounds read bug, while the second (tracked as CVE-2023-1017) is an out-of-bounds write.
“These vulnerabilities can be triggered from user-mode applications by sending malicious commands to a TPM 2.0 whose firmware is based on an affected TCG reference implementation,” TCG wrote. “Additional instances may be identified because of the TPM Work Group ongoing analysis and may result in a larger scope of potential vulnerabilities.”
According to the CERT advisory, the flaws would enable read-only access to sensitive data (CVE-2023-1018) or overwriting (CVE-2023-1017) of protected data available only to the TPM, such as cryptographic keys.
Before the public disclosure, TCG updated its Errata for the TPM 2.0 Library Specification with guidelines on how to remediate the flaws.
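As an added example (not TCG's reference code), here is a simplified C model of the size validation a parameter-decryption routine needs before it decrypts an encrypted TPM2B parameter in place: a 16-bit big-endian size field must itself fit in the command buffer, and the size it announces must not exceed the bytes that remain. The return-code names, the `session_decrypt` stand-in (the real routine uses the session's symmetric key) and the constructed inputs are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed return codes, named after TPM 2.0 response codes but without
 * the spec's actual numeric values. */
typedef enum { RC_SUCCESS = 0, RC_INSUFFICIENT, RC_SIZE } rc_t;

/* Stand-in for session decryption: a fixed-byte XOR so the bounds logic
 * can be exercised end to end. A real TPM uses the session's symmetric
 * scheme here; this is not how the reference implementation decrypts. */
static void session_decrypt(uint8_t *data, size_t n, uint8_t key) {
    for (size_t i = 0; i < n; i++) data[i] ^= key;
}

/* Hardened in-place decryption of the first (TPM2B) parameter.
 * The two checks are the validation whose absence the advisories describe:
 * reading the size field from fewer than 2 bytes (out-of-bounds read) and
 * trusting a size larger than the remaining command bytes (out-of-bounds
 * write when decrypting in place). */
rc_t crypt_parameter_decryption(uint8_t *buffer, size_t buffer_size,
                                uint8_t key, size_t *out_size) {
    if (buffer_size < 2) return RC_INSUFFICIENT;  /* size field would be read past the end */
    size_t cipher_size = ((size_t)buffer[0] << 8) | buffer[1];
    buffer += 2;
    buffer_size -= 2;
    if (cipher_size > buffer_size) return RC_SIZE; /* would write past the buffer */
    session_decrypt(buffer, cipher_size, key);
    if (out_size) *out_size = cipher_size;
    return RC_SUCCESS;
}

/* Constructed inputs (not from any real TPM command stream). */
rc_t case_truncated(void) {                 /* 1 byte: no room for the size field */
    uint8_t buf[1] = { 0x00 };
    return crypt_parameter_decryption(buf, sizeof buf, 0x5a, NULL);
}
rc_t case_oversized(void) {                 /* claims 16 bytes, only 2 follow */
    uint8_t buf[4] = { 0x00, 0x10, 0xaa, 0xbb };
    return crypt_parameter_decryption(buf, sizeof buf, 0x5a, NULL);
}
rc_t case_valid(size_t *n, uint8_t *third) { /* 3 declared bytes, 3 present */
    uint8_t buf[5] = { 0x00, 0x03, 0x01, 0x02, 0x03 };
    rc_t rc = crypt_parameter_decryption(buf, sizeof buf, 0x01, n);
    if (third) *third = buf[4];             /* 0x03 ^ 0x01 == 0x02 after decryption */
    return rc;
}

int main(void) {
    size_t n = 0; uint8_t b = 0;
    printf("truncated=%d oversized=%d valid=%d n=%zu byte=%02x\n",
           case_truncated(), case_oversized(), case_valid(&n, &b), n, b);
    return 0;
}
```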
“To ensure the security of their systems, users should apply any updates provided by hardware and software manufacturers through their supply chain as soon as possible,” CERT wrote.
“Updating the firmware of TPM chips may be necessary, and this can be done through an OS vendor or the original equipment manufacturer (OEM). In some cases, the OEM may require resetting the TPM to its original factory default values as part of the update process.”
More information about hardware security is available in this piece by Infosecurity deputy editor James Coker.