CVE Alert

CVE-2025-2884

MEDIUM 6.6

Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation

CVSS Score: 6.6
EPSS Score: 0.1%
EPSS Percentile: 22nd

The CryptHmacSign helper function in the TCG TPM2.0 reference implementation is vulnerable to an out-of-bounds read because the signature scheme is not validated against the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for the TCG standard TPM2.0.

Vendor trusted computing group
Product tpm2.0
Published Jun 10, 2025
Last Updated Apr 14, 2026

Affected Versions

Trusted Computing Group / TPM2.0
0 < 1.83

References

trustedcomputinggroup.org: https://trustedcomputinggroup.org/about/security/
trustedcomputinggroup.org: https://trustedcomputinggroup.org/wp-content/uploads/TPM2.0-Library-Spec-v1.83-Errata_v1_pub.pdf
trustedcomputinggroup.org: https://trustedcomputinggroup.org/wp-content/uploads/VRT0009-Advisory-FINAL.pdf
github.com: https://github.com/stefanberger/libtpms/commit/04b2d8e9afc0a9b6bffe562a23e58c0de11532d1
cve.org: https://www.cve.org/CVERecord?id=CVE-2025-49133
intel.com: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html
kb.cert.org: https://www.kb.cert.org/vuls/id/282450
cert-portal.siemens.com: https://cert-portal.siemens.com/productcert/html/ssa-628843.html