Major Firmware Fix Released for Vulnerable TPM-Pluton in AMD Ryzen 9000, 8000, 7000 CPUs

New TPM Vulnerability Discovered in AMD Ryzen Processors

Recently, the Trusted Computing Group (TCG), the organization behind the Trusted Platform Module (TPM) security standard, brought attention to a significant vulnerability affecting AMD Ryzen processors. This issue has been logged under the identifier “CVE-2025-2884” and is tracked by AMD as “AMD-SB-4011.”

Understanding the Vulnerability

The flaw is categorized as an out-of-bounds read. An attacker able to send malformed commands to the TPM could use it to read sensitive data held inside the TPM, or to crash the TPM and so deny service to the system.

According to TCG’s findings, the problem originates in the CryptHmacSign function, which fails to validate message digests or hashes correctly within the hash-based message authentication code (HMAC) signature scheme. This flaw can lead to out-of-bound reading conditions.

The reference code did not implement an appropriate consistency check in CryptHmacSign(), resulting in a potential out-of-bounds read. The out-of-bounds read occurs on the buffer passed to the ExecuteCommand() entry point. CVE-2025-2884 may allow an attacker to read up to 65535 bytes past the end of that buffer.
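The consistency check described above, as an added illustration that is not the TPM reference code or AMD's firmware: a digest arrives in a command body together with a declared length, and the hardened parser insists that the declared length equals the digest size of the named hash algorithm and that the digest actually fits inside the command buffer. The command layout, the algorithm identifiers, the return codes and the 16-bit length field are all constructed for this example; the 16-bit field is what bounds the worst-case over-read at 65535 bytes. The over_read_if_unchecked() helper only computes how far past the buffer a parser that trusts the declared length would reach, it never dereferences anything.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical hash-algorithm identifiers and digest sizes in bytes.
 * Constructed for this example; they are not the TPM library's own values. */
typedef enum { HASH_SHA1 = 0x0004, HASH_SHA256 = 0x000B, HASH_SHA384 = 0x000C } hash_alg_t;

static size_t digest_size(uint16_t alg)
{
    switch (alg) {
    case HASH_SHA1:   return 20;
    case HASH_SHA256: return 32;
    case HASH_SHA384: return 48;
    default:          return 0;   /* unknown algorithm */
    }
}

/* Result codes for the validation step (constructed). */
enum { RC_OK = 0, RC_BAD_ALG = 1, RC_SIZE_MISMATCH = 2, RC_TRUNCATED = 3 };

/* Constructed command-body layout parsed by this example:
 *   [0..1]  hash algorithm id, big-endian
 *   [2..3]  declared digest length, big-endian (caller-controlled)
 *   [4..]   digest bytes
 */
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Distance past the end of the buffer that a parser which trusts the declared
 * length, without comparing it to the algorithm's digest size or to the bytes
 * present, would read.  Only arithmetic: nothing is dereferenced. */
size_t over_read_if_unchecked(const uint8_t *cmd, size_t cmd_len)
{
    if (cmd_len < 4) return 0;
    size_t declared  = be16(cmd + 2);
    size_t available = cmd_len - 4;
    return declared > available ? declared - available : 0;
}

/* Hardened parse: declared length must equal the named algorithm's digest size
 * and the digest must lie entirely inside the command buffer.  On success
 * *digest / *digest_len point into cmd. */
int validate_hmac_sign_input(const uint8_t *cmd, size_t cmd_len,
                             const uint8_t **digest, size_t *digest_len)
{
    if (cmd_len < 4) return RC_TRUNCATED;
    uint16_t alg    = be16(cmd);
    size_t expected = digest_size(alg);
    if (expected == 0) return RC_BAD_ALG;
    size_t declared = be16(cmd + 2);
    if (declared != expected) return RC_SIZE_MISMATCH;  /* the consistency check */
    if (declared > cmd_len - 4) return RC_TRUNCATED;     /* bound against the real buffer */
    *digest = cmd + 4;
    *digest_len = declared;
    return RC_OK;
}

/* Build a command body for testing (constructed input, not a real TPM command). */
size_t build_cmd(uint8_t *out, size_t out_cap, uint16_t alg, uint16_t declared_len,
                 const uint8_t *digest, size_t digest_bytes_present)
{
    if (out_cap < 4 + digest_bytes_present) return 0;
    out[0] = (uint8_t)(alg >> 8);          out[1] = (uint8_t)(alg & 0xFF);
    out[2] = (uint8_t)(declared_len >> 8); out[3] = (uint8_t)(declared_len & 0xFF);
    memcpy(out + 4, digest, digest_bytes_present);
    return 4 + digest_bytes_present;
}

int main(void)
{
    uint8_t digest[32] = {0};   /* constructed placeholder SHA-256 digest */
    uint8_t cmd[64];
    const uint8_t *d; size_t dl;

    /* Well-formed: SHA-256 with a 32-byte digest present */
    size_t n = build_cmd(cmd, sizeof cmd, HASH_SHA256, 32, digest, 32);
    printf("well-formed: rc=%d\n", validate_hmac_sign_input(cmd, n, &d, &dl));

    /* Malformed: SHA-256 named, but declared length 0xFFFF with no digest bytes */
    n = build_cmd(cmd, sizeof cmd, HASH_SHA256, 0xFFFF, digest, 0);
    printf("malformed: rc=%d, unchecked over-read=%zu bytes\n",
           validate_hmac_sign_input(cmd, n, &d, &dl), over_read_if_unchecked(cmd, n));
    return 0;
}
```

The two bounds checks are deliberately separate: the equality test against the algorithm's digest size is the check the advisory says was missing, and the comparison against the real buffer length is the belt-and-braces guard that would still have stopped the over-read even if the algorithm table were wrong.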

Severity and Mitigation Efforts

The Common Vulnerability Scoring System (CVSS) has assigned a score of 6.6 to this vulnerability, indicating a medium level of severity. This rating reflects the fact that a successful attack typically requires physical access to the device. In response, AMD has proactively released firmware updates intended to address this vulnerability in Ryzen 7000, 8000 (Zen 4), and 9000 (Zen 5) series processors.

AMD has confirmed that the AGESA (AMD Generic Encapsulated Software Architecture) firmware update Combo PI 1.2.0.3e effectively mitigates the vulnerability. This update addresses the issue related to the “ASP fTPM + Pluton TPM,” with “ASP” referring to the AMD Secure Processor—a dedicated hardware component integrated into each system-on-a-chip.

Firmware Release and User Guidance

Various motherboard manufacturers, including Asus and MSI, are rolling out the critical firmware updates. MSI has published a blog post highlighting the new features associated with the 1.2.0.3e update, such as improved memory compatibility and support for newly planned CPUs. They stated:

This update not only adds support for upcoming new CPUs, but also enables all AM5 motherboards to support large-capacity 64GBx4 DRAM chips… Even with four 64GB DRAM fully installed, the system can still achieve a stable overclocking speed of 6000MT/s, and even up to 6400MT/s.

In addition, this update optimizes 2DPC 1R capability and includes overclocking enhancements specifically for Samsung’s 4Gx8 chips.

Interestingly, Asus has indicated that this firmware update cannot be rolled back, as it constitutes a major release. That makes confidence in the release's stability all the more important; the “e” suffix marks a later stepping of the 1.2.0.3 line, which implies a greater likelihood of reliability.

As it stands, other vendors like Gigabyte and ASRock are still in the process of developing their respective updates in light of this vulnerability.

For further details and the latest updates, please refer to the source.
