Vulnerabilities > CVE-2021-38576 - Unspecified vulnerability in Tianocore Edk2

047910
CVSS 7.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
network
low complexity
tianocore

Summary

A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the system.