CVE-2025-2884

6.6 MEDIUM

Published: June 10, 2025 Modified: April 15, 2026

Description

TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://github.com/stefanberger/libtpms/commit/04b2d8e9afc0a9b6bffe562a23e58c0de11532d1

Source: cret@cert.org

https://trustedcomputinggroup.org/about/security/

Source: cret@cert.org

https://trustedcomputinggroup.org/wp-content/uploads/TPM2.0-Library-Spec-v1.83-Errata_v1_pub.pdf

Source: cret@cert.org

https://trustedcomputinggroup.org/wp-content/uploads/VRT0009-Advisory-FINAL.pdf

Source: cret@cert.org

https://www.cve.org/CVERecord?id=CVE-2025-49133

Source: cret@cert.org

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.kb.cert.org/vuls/id/282450

Source: af854a3a-2127-422b-91ae-364da2661108

https://cert-portal.siemens.com/productcert/html/ssa-628843.html

Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

8 reference(s) from NVD

Quick Stats

CVSS v3 Score

6.6 / 10.0

EPSS (Exploit Probability)

0.1%

22th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-125

Related CVEs

CVE-2026-41279 N/A

CVE-2026-41278 N/A

CVE-2026-41277 N/A

CVE-2026-41276 N/A

CVE-2026-41275 N/A