{"id":571,"date":"2025-04-19T10:55:51","date_gmt":"2025-04-19T10:55:51","guid":{"rendered":"http:\/\/localhost\/?p=571"},"modified":"2025-04-19T10:55:51","modified_gmt":"2025-04-19T10:55:51","slug":"cve-2025-1292","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=571","title":{"rendered":"CVE-2025-1292"},"content":{"rendered":"
\n

Vulnerability Details<\/h2>\n
\n

Basic Information<\/h3>\n\n\n\n\n\n\n
Title<\/th>\nCVE-2025-1292<\/td>\n<\/tr>\n
Type<\/th>\nredhatcve<\/td>\n<\/tr>\n
Published<\/th>\n2025-04-17T22:44:58<\/td>\n<\/tr>\n
Last Seen<\/th>\n2025-04-17T23:11:57<\/td>\n<\/tr>\n
CVSS Score<\/th>\n0.0 ()<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVSS v3 Details<\/h3>\n\n\n\n\n\n\n\n\n\n
Attack Vector<\/th>\n<\/td>\n<\/tr>\n
Attack Complexity<\/th>\n<\/td>\n<\/tr>\n
Privileges Required<\/th>\n<\/td>\n<\/tr>\n
User Interaction<\/th>\n<\/td>\n<\/tr>\n
Scope<\/th>\n<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVE Information<\/h3>\n\n\n\n\n
CVE IDs<\/th>\nCVE-2025-1292<\/td>\n<\/tr>\n
CWE<\/th>\n<\/td>\n<\/tr>\n
Bulletin Family<\/th>\ninfo<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

Description<\/h3>\n
\n Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 122.0.6261.132 stable on Cr50 Boards allows an attacker with root access to gain persistence and bypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process.<\/p><\/div>\n<\/p><\/div>\n
\n

Impact Assessment<\/h3>\n\n\n\n
Base Score<\/th>\n0.0<\/td>\n<\/tr>\n
Severity<\/th>\n<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

View full CVE details<\/a><\/p>\n<\/p><\/div>\n<\/div>\n