"AMD TPM Exploit: faulTPM Attack Defeats BitLocker and TPM-Based Security"

A newly published paper by security researchers at the Technical University of Berlin reveals that AMD's firmware-based Trusted Platform Module (fTPM/TPM) can be fully compromised using a voltage fault injection attack, allowing full access to the cryptographic data stored within the fTPM. The attack dubbed 'faulTPM' ultimately enables an adversary to completely compromise any application or encryption, such as BitLocker, that relies solely on TPM-based security. To attack AMD's Platform Security Processor (PSP) in Zen 2 and Zen 3 chips, the researchers used off-the-shelf components that cost around $200. The attack requires physical access to the machine for 'several hours.' The researchers' report does not specify whether Zen 4 CPUs are vulnerable. This article continues to discuss the faulTPM attack that can defeat BitLocker and TPM-based security. 

Tom's Hardware reports "AMD TPM Exploit: faulTPM Attack Defeats BitLocker and TPM-Based Security"