CVE-2023-1018 is a medium-severity Out-of-bounds Read (CWE-125) vulnerability in Trustedcomputinggroup Trusted Platform Module. Its CVSS base score is 5.5 (Medium).
Operationally, ranked in the top 29.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in…