Vulnerability Type: Out-of-bounds Read

Affected Product(s): NPCT7xx with any Firmware revision prior to 7.2.4.1

Fixed Product(s): Firmware Version: 7.2.4.1 and above. For details on firmware updates, please contact the system OEM.

Workaround: A full power cycle (hard reset) will restore functionality to NPCT7xx.

Attack Type: Local

Impact: Denial of Service

Affected Components: The entire TPM.

Attack Vector: Attempted fault via out of bounds read.

Severity: Medium

Detailed Description: An out-of-bounds (OOB) read vulnerability exists in Trusted Platform Module (TPM) 2.0 Library specification. An attacker who can successfully exploit this vulnerability can potentially lead the TPM to a failure state causing a Denial of Service. No confidential data is at risk.

CVE Identifier: CVE-2025-2884