First published: Wed Nov 18 2020(Updated: )
Trusted Computing Group (TCG) Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USE_DA_USED. Improper initialization of this shut-down may result in susceptibility to a dictionary attack.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Trustedcomputinggroup Trusted Platform Module | =2.0-revision_1.38 | |
Trustedcomputinggroup Trusted Platform Module | =2.0-revision_1.40 | |
Trustedcomputinggroup Trusted Platform Module | =2.0-revision_1.59 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2020-26933 is high.
CVE-2020-26933 affects Trusted Computing Group (TCG) Trusted Platform Module Library Family 2.0 by allowing incorrect access control during a non-orderly TPM shut-down.
CVE-2020-26933 can be exploited through a dictionary attack.
The CWE ID for CVE-2020-26933 is 665.
To fix CVE-2020-26933, ensure that the Trusted Platform Module Library Family 2.0 is updated to the latest version.