CVE-2025-1122
Essential information
- Published
- 15/04/2025 20:15
- Modified
- 15/04/2025 20:15
- Author
- —
- Creator
- —
- CISA KEV
- No
- CWE
- —
- CVSS vector
- — — —
Description
Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 122.0.6261.132 stable on Cr50 Boards allows an attacker with root access to gain persistence and
bypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process.
NVD status
- Status
- Received — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- 7f6e188d-c52a-4a19-8674-3c3fa7d1fc7f
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| google / chrome os | cpe:2.3:o:google:chrome_os:122.0.6261.132:*:*:*:*:*:*:* |
| google / chrome os | cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:* |