On June 15, according to the Trusted Computing Group (TCG), the TPM firmware in AMD Ryzen 7000, 8000 and 9000 series processors contains a security vulnerability (Passionategeekz note: CVE-2025-2884 / AMD-SB-4011).
The vulnerability is an out-of-bounds read: an attacker can send malicious commands to the TPM to leak and read data from TPM storage, or degrade TPM availability in a denial-of-service attack. The CVSS score is 6.6 (medium risk), but physical access to the device is required to carry out an attack.
TCG's advisory states that the vulnerability stems from the CryptHmacSign() function failing to perform an integrity check, which invalidates message-digest verification in the HMAC (Hash-based Message Authentication Code) signature scheme. An attacker can exploit this to read data beyond the end of the buffer (up to 65535 bytes).
AMD confirmed that the vulnerability is fixed in AGESA Combo PI firmware version 1.2.0.3e, which specifically addresses the "ASP fTPM + Pluton TPM" issue.
Motherboard manufacturers have begun pushing out updates: Asus and MSI were the first to release new BIOS firmware on Friday, while Gigabyte and ASRock have not yet released updates. Asus also specifically warns that, because this is a major version update, the firmware cannot be rolled back to the previous version.