Local denial of service in Intel PTT and SPS firmware
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2025-2884 |
| CWE-ID | CWE-125 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Intel C420 Chipset Hardware solutions / Firmware Intel X299 Chipset Hardware solutions / Firmware Intel C620 Series Chipset Hardware solutions / Firmware 8th Gen Intel Core processor Hardware solutions / Firmware Intel 200 Series Chipset Hardware solutions / Firmware Intel 100 Series Chipset Hardware solutions / Firmware Intel 300 Series Chipset Hardware solutions / Firmware Intel C240 Series Chipset Hardware solutions / Firmware Pentium Gold processor series (G54XXU) Hardware solutions / Firmware Intel Celeron Processor 4000 Series Hardware solutions / Firmware 10th Generation Intel Core Processors Hardware solutions / Firmware Intel Pentium Processor Silver Series Hardware solutions / Firmware Celeron processor N series Hardware solutions / Firmware Intel 400 Series Chipset Hardware solutions / Firmware Intel 500 series chipset Hardware solutions / Firmware Intel C250 Series Chipset Hardware solutions / Firmware C740 series chipset Hardware solutions / Firmware Intel Atom x6000E series Hardware solutions / Firmware Intel Celeron Processor J Series Hardware solutions / Firmware Intel 600 Series Chipset Hardware solutions / Firmware Intel 700 series chipset Hardware solutions / Firmware Intel W790 chipset Hardware solutions / Firmware Intel Core Ultra family Hardware solutions / Firmware Intel Pentium Processor J4000 Series Hardware solutions / Firmware Intel Pentium Processor N4000 Series Hardware solutions / Firmware Intel Celeron processor J3000/N3000 series Hardware solutions / Firmware Intel Pentium processor J5000 series Hardware solutions / Firmware Intel Pentium processor N5000 series Hardware solutions / Firmware Intel Celeron J4000 Processors Hardware solutions / Firmware Intel Celeron N4000 Processors Hardware solutions / Firmware Intel Pentium Processor N Series Hardware solutions / Other hardware appliances Intel Pentium Processor J Series Hardware solutions / Other hardware appliances Intel Atom Processor E3900 Series Hardware solutions / Other hardware appliances |
| Vendor | Intel |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Out-of-bounds read
EUVDB-ID: #VU111030
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-2884
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the CryptHmacSign helper function of TCG TPM2.0 Reference implementation. A local user can trigger an out-of-bounds read error and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel C420 Chipset: before 11.12.97
Intel X299 Chipset: before 11.12.97
Intel C620 Series Chipset: before 11.22.97
8th Gen Intel Core processor: before 11.8.97
Intel 200 Series Chipset: before 11.8.97
Intel 100 Series Chipset: before 11.8.97
Intel 300 Series Chipset: before 12.0.96
Intel C240 Series Chipset: before 12.0.96
Pentium Gold processor series (G54XXU): before 12.0.96
Intel Celeron Processor 4000 Series: before 12.0.96
10th Generation Intel Core Processors: before 13.0.70
Intel Pentium Processor Silver Series: before 13.50.30
Celeron processor N series: before 13.50.30
Intel 400 Series Chipset: before 14.1.75
Intel 500 series chipset: before 15.0.50
Intel C250 Series Chipset: before 15.0.50
C740 series chipset: before 15.20.20
Intel Atom x6000E series: before 15.40.35
Intel Pentium Processor N Series: before 15.40.35
Intel Pentium Processor J Series: before 15.40.35
Intel Celeron Processor J Series: before 15.40.35
Intel 600 Series Chipset: before 16.1.35
Intel 700 series chipset: before 16.1.35
Intel W790 chipset: before 16.11.20
Intel Core Ultra family: before 18.0.10
Intel Atom Processor E3900 Series: before 3.1.97
Intel Pentium Processor J4000 Series: before 3.1.97
Intel Pentium Processor N4000 Series: before 3.1.97
Intel Celeron processor J3000/N3000 series: before 3.1.97
Intel Pentium processor J5000 series: before 4.0.55
Intel Pentium processor N5000 series: before 4.0.55
Intel Celeron J4000 Processors: before 4.0.55
Intel Celeron N4000 Processors: before 4.0.55
CPE2.3- cpe:2.3:h:intel:intel_c420_chipset:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_x299_chipset:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_c620_series_chipset:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:8th_gen_intel_core_processor:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_200_series_chipset:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_100_series_chipset:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_300_series_chipset:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_c240_series_chipset:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:pentium_gold_processor_series_g54xxu:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_celeron_processor_4000_series:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:10th_generation_intel_core_processors:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_pentium_processor_silver_series:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:celeron_processor_n_series:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_400_series_chipset:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_500_series_chipset:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_c250_series_chipset:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:c740_series_chipset:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_atom_x6000e_series:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_pentium_processor_n_series:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_pentium_processor_j_series:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_celeron_processor_j_series:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_600_series_chipset:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_700_series_chipset:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_w790_chipset:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_core_ultra_family:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_atom_processor_e3900_series:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_pentium_processor_j4000_series:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_pentium_processor_n4000_series:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_celeron_processor_j3000_n3000_series:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_pentium_processor_j5000_series:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_pentium_processor_n5000_series:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_celeron_j4000_processors:*:*:*:*:*:*:*:*
- cpe:2.3:h:intel:intel_celeron_n4000_processors:*:*:*:*:*:*:*:*
https://trustedcomputinggroup.org/about/security/
https://trustedcomputinggroup.org/wp-content/uploads/TPM2.0-Library-Spec-v1.83-Errata_v1_pub.pdf
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html
https://www.kb.cert.org/vuls/id/282450
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
