cvedb.io
CVE-2021-32015
MEDIUM · CVSS 6
EPSS exploitation probability: 0%
Published 2021-06-08T17:15:07.720 · Last modified 2026-06-17T03:52:40.767

Summary

In Nuvoton NPCT75x TPM 1.2 firmware 7.4.0.0, a local authenticated malicious user with high privileges could potentially gain unauthorized access to TPM non-volatile memory. NOTE: Upgrading to firmware version 7.4.0.1 will mitigate against the vulnerability, but version 7.4.0.1 is not TCG or Common Criteria (CC) certified. Nuvoton recommends that users apply the NPCT75x TPM 1.2 firmware update.

Affected products

nuvoton — npct75x_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when nuvoton ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.