CVE-2025-2884

medium

Description

TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0

References

References
More

https://www.securityweek.com/microsoft-patches-173-vulnerabilities-including-exploited-windows-flaws/

https://www.infosecurity-magazine.com/news/last-windows-10-patch-tuesday-six/

https://thehackernews.com/2025/10/two-new-windows-zero-days-exploited-in.html

https://kb.cert.org/vuls/id/282450

https://www.kb.cert.org/vuls/id/282450

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html

https://www.cve.org/CVERecord?id=CVE-2025-49133

https://trustedcomputinggroup.org/wp-content/uploads/VRT0009-Advisory-FINAL.pdf

https://trustedcomputinggroup.org/wp-content/uploads/TPM2.0-Library-Spec-v1.83-Errata_v1_pub.pdf

https://trustedcomputinggroup.org/about/security/

https://github.com/stefanberger/libtpms/commit/04b2d8e9afc0a9b6bffe562a23e58c0de11532d1

Details

Source: Mitre, NVD

Published: 2025-06-10

Updated: 2025-06-13

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 6.6

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018