CVE-2023-1017 | MSRC Compact Detail

Severity

Critical

Impact

Elevation of Privilege

CVSS

8.8 base · 7.7 temporal

Release

2023-03-14

Signals

Windows TPM Elevation of Privilege Exploited: No Publicly disclosed: No Exploitability: Exploitation Less Likely

CWE

CWE-122: Heap-based Buffer Overflow

Patch Diff

Loading module diff metadata...

Resolved binary override

Use this when the MSRC module name cannot be mapped automatically or the resolved binary looks wrong.

Old version New version

Description

No description was published by MSRC.

FAQ / Articles

Exploit - Trusted Platform Module (TPM) OOBW

How could an attacker exploit this vulnerability? By leveraging malicious TPM commands from a guest VM to a target running Hyper-V, an attacker can cause an out of bounds write in the root partition.

FAQ

Why is the CERT/CC the assigning CNA (CVE Numbering Authority)? This CVE is regarding a vulnerability in a third party driver. CERT/CC created this CVE on behalf of the researcher who discovered the vulnerability.

MSRC Fields

Module / Tag

Windows TPM

Release number

2023-Mar

Latest revision

2023-03-14

CNA

CERT/CC

Customer action

required

Denial of service

N/A

CVSS Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

References

MSRC

Official detail

CVE Record

CVE.org

Revision History

v1 · 2023-03-14

Information published.

CVE-2023-1017 · CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability