New TPM 2.0 flaws could let hackers steal cryptographic keys

The Trusted Platform Module (TPM) 2.0 specification is affected by two buffer overflow vulnerabilities that could allow attackers to access or overwrite sensitive data, such as cryptographic keys.

TPM is a hardware-based technology that provides operating systems with tamper-resistant secure cryptographic functions. It can be used to store cryptographic keys, passwords, and other critical data, making any vulnerability in its implementation a cause for concern.

While a TPM is required for some Windows security features, such as Measured Boot, Device Encryption, Windows Defender System Guard (DRTM), Device Health Attestation, it is not required for other more commonly used features.

However, when a Trusted Platform Module is available, Windows security features get enhanced security in protecting sensitive information and encrypting data.

The TPM 2.0 specification gained popularity (and controversy) when Microsoft made it a  due to its required boot security measures and ensuring that Windows Hello face recognition provides reliable authentication.

Linux also supports TPMs, but there are no requirements for using the module in the operating system. However, there are  that allow applications and users to secure data in TPMs.

The TPM 2.0 vulnerabilities

The new vulnerabilities in TPM 2.0 were discovered by Quarkslab’s researchers Francisco Falcon and Ivan Arce who said the flaws could impact billions of devices. The vulnerabilities are tracked as CVE-2023-1017 (out-of-bounds read) and CVE-2023-1018 (out-of-bounds write).

Both flaws arise from how the specification processes the parameters for some TPM commands, allowing an authenticated local attacker to exploit them by sending maliciously crafted commands to execute code within the TPM.

According to the  by Trusted Computing Group (TCG), the developer of the TPM specification, this could result in information disclosure or escalation of privileges.

The Trusted Computing Group explains that the buffer overflow problems concern reading or writing 2 bytes after the end of the buffer passed to the ExecuteCommand() entry point.

The impact of this depends on what vendors have implemented on that memory location, i.e., if it’s unused memory or if it contains live data.

The CERT Coordination Center has published an alert about the vulnerabilities and has been informing vendors for months, trying to raise awareness while mapping the impact. Unfortunately, only a handful of entities have confirmed they are impacted.

“An attacker who has access to a TPM-command interface can send maliciously-crafted commands to the module and trigger these vulnerabilities,” .

“This allows either read-only access to sensitive data or overwriting of normally protected data that is only available to the TPM (e.g., cryptographic keys).”

The solution for impacted vendors is to move to a fixed version of the specification, which includes one of the following:

  • TMP 2.0 v1.59 Errata version 1.4 or higher
  • TMP 2.0 v1.38 Errata version 1.13 or higher
  • TMP 2.0 v1.16 Errata version 1.6 or higher

Lenovo is the only major OEM that has issued a  about the two TPM flaws so far, warning that CVE-2023-1017 impacts  running on Nuvoton TPM 2.0 chips.

While these flaws require authenticated local access to a device, it is important to remember that malware running on the device would meet that condition.

TPM is a highly-secured space that should theoretically be shielded even from malware running on the device, so the practical importance of these vulnerabilities shouldn’t be ignored or downplayed.

Users are recommended to limit physical access to their devices to trusted users, only use signed applications from reputable vendors, and apply firmware updates as soon as they become available for their devices.