CVE-2025-2884
MEDIUM
TCG TPM2.0 Reference implementation - Info Disclosure
Title source: llm
Description
The TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to an out-of-bounds read because the signature scheme is not validated against the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0.
References (8)
Core References
Vendor Advisory: https://cert-portal.siemens.com/productcert/html/ssa-628843.html
Various Sources: https://trustedcomputinggroup.org/about/security/
Various Sources: https://trustedcomputinggroup.org/wp-content/uploads/TPM2.0-Library-Spec-v1.83-Errata_v1_pub.pdf
Various Sources: https://www.cve.org/CVERecord?id=CVE-2025-49133
Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html
Third Party Advisory, US Government Resource: https://www.kb.cert.org/vuls/id/282450
Scores
CVSS v3: 6.6
EPSS: 0.0007
EPSS Percentile: 21.6%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-125
Status: published
Products (1)
Trusted Computing Group/TPM2.0: < 1.83
Published: Jun 10, 2025
Tracked Since: Feb 18, 2026