all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprise Devices

Add to bookmarks
March 3, 2023, 10:18 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A pair of serious security defects has been disclosed in the Trusted Platform Module (TPM) 2.0 reference library specification that could potentially lead to information disclosure or privilege escalation.
One of the vulnerabilities, CVE-2023-1017, concerns an out-of-bounds write, while the other, CVE-2023-1018, is described as an out-of-bounds read. Credited with discovering and reporting the

cve devices disclosure enterprise escalation flaws information information disclosure iot library out-of-bounds out-of-bounds write platform privilege privilege escalation reference reporting security serious threat tpm tpm 2.0 trusted platform module vulnerabilities

Visit resource

More from thehackernews.com / The Hacker News

OfflRouter Malware Evades Detection in Ukraine for Almost a Decade 10 hours ago | thehackernews.com
analysis called cisco cisco talos +22
FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor 10 hours ago | thehackernews.com
auto auto industry automotive automotive industry +17
Recover from Ransomware in 5 Minutes—We will Teach You How! 13 hours ago | thehackernews.com
attack back can cdp +21
New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks 14 hours ago | thehackernews.com
analysis android android trojan called +16
How to Conduct Advanced Static Analysis in a Malware Sandbox 14 hours ago | thehackernews.com
advanced analysis can dynamic +17
Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide 14 hours ago | thehackernews.com
arrested as-a-service called crackdown +14
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes 18 hours ago | thehackernews.com
access april critical critical vulnerabilities +25
Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor 20 hours ago | thehackernews.com
actor ads backdoor campaign +16
Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks 1 day, 11 hours ago | thehackernews.com
advanced advanced persistent threat apt apt44 +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Deputy Chief Information Security Officer

@ City of Philadelphia | Philadelphia, PA, United States
View on infosec-jobs.com

Global Cybersecurity Expert

@ CMA CGM | Mumbai, IN
View on infosec-jobs.com

Senior Security Operations Engineer

@ EarnIn | Mexico
View on infosec-jobs.com

Cyber Technologist (Sales Engineer)

@ Darktrace | London
View on infosec-jobs.com
View more jobs