Skip to main content

Trusted Platform Module Vulnerabilities

Security researchers have disclosed two vulnerabilities in the Trusted Platform Module (TPM, ISO11889-1:2009) standard used to provide hardware and software
Threat ID:
CC-2645
Category:
Exploit
Threat Severity:
Medium
Threat Vector:
Published:
30 August 2018 12:00 AM
Report a cyber attack: call 0300 303 5222 or email [email protected]

This content has been archived

This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of this information contained in this page is at your own risk

Summary

Security researchers have disclosed two vulnerabilities in the Trusted Platform Module (TPM, ISO11889-1:2009) standard used to provide hardware and software

Threat details

Both vulnerabilities exist in how TPM modules implement the Advanced Configuration and Power Interface (ACPI) protocol, used by operating systems to control state suspension and power usage by peripheral devices. The researchers discovered that by abusing the process for TPM modules recovering from suspended states they could reset the module. They could then inject untrusted code into the boot process of the affected device.

The vulnerabilities require privileged, local access to exploit and the second vulnerability (CVE-2017-16837) can only be exploited on TPM modules using the Trusted Boot library.

For further information

Remediation steps

Type Step
All major TPM vendors have confirmed updates are being produced to address these vulnerabilities. Users should contact their IT providers to ensure these updates are applied as soon as they become available.

Last edited: 17 February 2020 12:55 pm