Trusted Computing Group’s Trust Platform Module 2.0 reference library specification has been discovered with two buffer overflow vulnerabilities that threat actors can exploit to access read-only sensitive data or overwrite normally protected data, which is only available to the TPM. A malicious individual who has gained access to the TPM 2.0’s Command interface has the capability to take advantage of this vulnerability by sending specifically crafted commands to the module.
Source: GBHackers