Data Core Systems
03/03/2023
Two Buffer Overflow Vulnerabilities Discovered in Trusted Platform Module (TPM) 2.0 Reference Library Specification
The Trusted Platform Module (TPM) 2.0 reference library specification has been found to contain two buffer overflow vulnerabilities that can be exploited by attackers who have access to a TPM command interface. By sending maliciously crafted commands to the module, an attacker can read sensitive data or overwrite normally protected data that is only available to the TPM, such as cryptographic keys. The vulnerabilities are tracked as CVE-2023-1017 and CVE-2023-1018 and were reported by cybersecurity company Quarkslab in November 2022.
TPM is a hardware-based technology that provides secure cryptographic functions to the operating systems on modern computers and is designed to resist tampering. However, as cloud computing and virtualization have become more widespread, software-based TPM implementations have also gained popularity.
To address these vulnerabilities, users should apply the updates provided by hardware and software manufacturers through their supply chain as soon as possible. The Trusted Computing Group (TCG) has released an update to its Errata for the TPM 2.0 Library Specification with instructions on how to address these vulnerabilities. Updating the firmware of TPM chips may be necessary, and this can be done through an OS vendor or the original equipment manufacturer (OEM). In some cases, the OEM may require resetting the TPM to its original factory default values as part of the update process.