Описание
Trusted Computing Group (TCG) Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USE_DA_USED. Improper initialization of this shut-down may result in susceptibility to a dictionary attack.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:trustedcomputinggroup:trusted_platform_module:2.0:revision_1.38:*:*:*:*:*:*
cpe:2.3:a:trustedcomputinggroup:trusted_platform_module:2.0:revision_1.40:*:*:*:*:*:*
cpe:2.3:a:trustedcomputinggroup:trusted_platform_module:2.0:revision_1.59:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.0005
Низкий
7.2 High
CVSS3
6 Medium
CVSS3
3.6 Low
CVSS2
Дефекты
CWE-665
Связанные уязвимости
github
больше 3 лет назад
Trusted Computing Group (TCG) Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USE_DA_USED. Improper initialization of this shut-down may result in susceptibility to a dictionary attack.
EPSS
Процентиль: 16%
0.0005
Низкий
7.2 High
CVSS3
6 Medium
CVSS3
3.6 Low
CVSS2
Дефекты
CWE-665