CVE-2020-12926 - OpenCVE

The Trusted Platform Modules (TPM) reference software may not properly track the number of times a failed shutdown happens. This can leave the TPM in a state where confidential key material in the TPM may be able to be compromised. AMD believes that the attack requires physical access of the device because the power must be repeatedly turned on and off. This potential attack may be used to change confidential information, alter executables signed by key material in the TPM, or create a denial of service of the device.

No CVSS v4.0

Attack Vector Physical

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Amd	Trusted Platform Modules Reference

Configuration 1 [-]

cpe:2.3:a:amd:trusted_platform_modules_reference:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.amd.com/en/corporate/product-security

History

No history.

MITRE

Status: PUBLISHED

Assigner: AMD

Published: 2020-11-12T19:08:52

Updated: 2024-08-04T12:11:19.071Z

Reserved: 2020-05-15T00:00:00

Link: CVE-2020-12926

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-11-12T20:15:15.283

Modified: 2020-11-30T17:05:13.047

Link: CVE-2020-12926

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "AMD's fTPM implementation", "vendor": "n/a", "versions": [{"status": "affected", "version": "Each Linux distro determines its own version."}]}], "descriptions": [{"lang": "en", "value": "The Trusted Platform Modules (TPM) reference software may not properly track the number of times a failed shutdown happens. This can leave the TPM in a state where confidential key material in the TPM may be able to be compromised. AMD believes that the attack requires physical access of the device because the power must be repeatedly turned on and off. This potential attack may be used to change confidential information, alter executables signed by key material in the TPM, or create a denial of service of the device."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-367", "description": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-11-12T19:08:52", "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.amd.com/en/corporate/product-security"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@amd.com", "ID": "CVE-2020-12926", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "AMD's fTPM implementation", "version": {"version_data": [{"version_value": "Each Linux distro determines its own version."}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Trusted Platform Modules (TPM) reference software may not properly track the number of times a failed shutdown happens. This can leave the TPM in a state where confidential key material in the TPM may be able to be compromised. AMD believes that the attack requires physical access of the device because the power must be repeatedly turned on and off. This potential attack may be used to change confidential information, alter executables signed by key material in the TPM, or create a denial of service of the device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition"}]}]}, "references": {"reference_data": [{"name": "https://www.amd.com/en/corporate/product-security", "refsource": "MISC", "url": "https://www.amd.com/en/corporate/product-security"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:11:19.071Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.amd.com/en/corporate/product-security"}]}]}, "cveMetadata": {"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "assignerShortName": "AMD", "cveId": "CVE-2020-12926", "datePublished": "2020-11-12T19:08:52", "dateReserved": "2020-05-15T00:00:00", "dateUpdated": "2024-08-04T12:11:19.071Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:amd:trusted_platform_modules_reference:-:*:*:*:*:*:*:*", "matchCriteriaId": "AAFE26DC-F3B5-4236-886D-98CD784A8197", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Trusted Platform Modules (TPM) reference software may not properly track the number of times a failed shutdown happens. This can leave the TPM in a state where confidential key material in the TPM may be able to be compromised. AMD believes that the attack requires physical access of the device because the power must be repeatedly turned on and off. This potential attack may be used to change confidential information, alter executables signed by key material in the TPM, or create a denial of service of the device."}, {"lang": "es", "value": "Es posible que el software de referencia Trusted Platform Modules (TPM) no rastree correctamente la cantidad de veces que ocurre un apagado fallido. Esto puede dejar al TPM en un estado en el que el material de la clave confidencial del TPM puede verse comprometido. AMD cree que el ataque requiere acceso f\u00edsico al dispositivo porque la energ\u00eda debe encenderse y apagarse repetidamente. Este ataque potencial puede ser usado para cambiar informaci\u00f3n confidencial, alterar los ejecutables firmados por material de clave en el TPM o crear una denegaci\u00f3n de servicio del dispositivo"}], "id": "CVE-2020-12926", "lastModified": "2020-11-30T17:05:13.047", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-12T20:15:15.283", "references": [{"source": "psirt@amd.com", "tags": ["Vendor Advisory"], "url": "https://www.amd.com/en/corporate/product-security"}], "sourceIdentifier": "psirt@amd.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-367"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-367"}], "source": "psirt@amd.com", "type": "Secondary"}]}