Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Tpm2-tools Security Vulnerabilities

cve
cve

CVE-2024-29039

tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...

9CVSS

8.9AI Score

0.0004EPSS

2024-06-28 04:15 PM
19
cve
cve

CVE-2024-29038

tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by tpm2 checkquote. This issue was patched in version...

4.3CVSS

4.5AI Score

0.0004EPSS

2024-06-28 02:15 PM
14
cve
cve

CVE-2021-3565

A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data...

5.9CVSS

5.6AI Score

0.001EPSS

2021-06-04 12:15 PM
161
3
cve
cve

CVE-2017-7524

tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating...

7.5CVSS

7.4AI Score

0.002EPSS

2017-06-27 02:29 PM
22