216.73.217.98

CVE-2025-1122

· Published 15/04/2025 20:15 · Modified 15/04/2025 20:15

Labels: CVE-2025-1122 2025-04-157f6e188d-c52a-4a19-8674-3c3fa7d1fc7fCVE-2025-1122

Essential information

Published
15/04/2025 20:15
Modified
15/04/2025 20:15
Author
Creator
CISA KEV
No
CWE

Description

Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 122.0.6261.132 stable on Cr50 Boards allows an attacker with root access to gain persistence and bypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
7f6e188d-c52a-4a19-8674-3c3fa7d1fc7f
NVD
View on NVD

Affected products (CPE)

ProductCPE
google / chrome os cpe:2.3:o:google:chrome_os:122.0.6261.132:*:*:*:*:*:*:*
google / chrome os cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*

References