
CVE-2025-49133: CWE-125: Out-of-bounds Read in stefanberger libtpms

Severity: Medium
Tags: Vulnerability, CVE-2025-49133, CWE-125
Published: Tue Jun 10 2025 (06/10/2025, 19:46:27 UTC)
Source: CVE Database V5
Vendor/Project: stefanberger
Product: libtpms

Description

Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into QEMU. Libtpms, which is derived from the TPM 2.0 reference implementation code published by the Trusted Computing Group, is prone to a potential out-of-bounds (OOB) read vulnerability. The vulnerability occurs in the CryptHmacSign function when the signKey and signScheme parameters are paired inconsistently: signKey is an ALG_KEYEDHASH key while inScheme is an ECC or RSA scheme. CryptHmacSign is defined in the "Part 4: Supporting Routines – Code" document, section "7.151 - /tpm/src/crypt/CryptUtil.c". This vulnerability can be triggered from user-mode applications by sending malicious commands to a TPM 2.0/vTPM (swtpm) whose firmware is based on an affected TCG reference implementation. The effect on libtpms is an abort when the out-of-bounds access is detected, which for example makes a vTPM (swtpm) unavailable to a VM. This vulnerability is fixed in 0.7.12, 0.8.10, 0.9.7, and 0.10.1.

AI-Powered Analysis

Last updated: 11/04/2025, 01:32:19 UTC

Technical Analysis

CVE-2025-49133 is an out-of-bounds (OOB) read vulnerability identified in the libtpms library, which is used to integrate TPM 2.0 functionality into hypervisors, primarily QEMU. Libtpms is derived from the Trusted Computing Group's TPM 2.0 reference implementation. The vulnerability occurs in the CryptHmacSign function, specifically when the signKey parameter is of type ALG_KEYEDHASH and the signScheme parameter is an ECC or RSA scheme, creating an inconsistent pairing. This mismatch leads to an out-of-bounds read in memory, which is detected by libtpms and causes the process to abort. This abort results in denial of service by making the virtual TPM (vTPM) instance unavailable to the guest virtual machine relying on it. The vulnerability can be triggered by user-mode applications that send crafted commands to a TPM 2.0 or virtual TPM (swtpm) firmware based on the affected TCG reference implementation. The affected versions of libtpms are 0.7.11, 0.8.9, 0.9.6, and 0.10.0, with fixes released in versions 0.7.12, 0.8.10, 0.9.7, and 0.10.1. The CVSS v3.1 score is 5.9 (medium severity), reflecting a local attack vector with low complexity, requiring privileges and user interaction, and causing availability impact without affecting confidentiality or integrity. No known exploits have been reported in the wild to date.

Potential Impact

For European organizations, the primary impact of CVE-2025-49133 is denial of service on virtual machines that rely on vTPM functionality provided by libtpms. This can disrupt security-sensitive operations that depend on TPM features such as secure key storage, attestation, and cryptographic operations within virtualized environments. Organizations using QEMU-based virtualization with vulnerable libtpms versions may experience VM outages or degraded security posture due to unavailable TPM services. This could affect sectors with high virtualization adoption such as cloud service providers, financial institutions, and government agencies. While the vulnerability does not expose sensitive data or allow privilege escalation, the loss of TPM availability can hinder compliance with security policies and impact trust in virtualized infrastructure. The requirement for local privileges and user interaction limits remote exploitation, but insider threats or compromised user accounts could trigger the vulnerability. Overall, the impact is moderate but significant for environments relying heavily on TPM-backed security in virtual machines.

Mitigation Recommendations

European organizations should immediately verify their use of libtpms in virtualization environments, particularly QEMU deployments with vTPM enabled. They must upgrade libtpms to fixed versions 0.7.12, 0.8.10, 0.9.7, or 0.10.1 as appropriate. Where upgrading is not immediately possible, organizations should restrict access to user accounts capable of interacting with the TPM interface to trusted personnel only, minimizing the risk of malicious command injection. Monitoring and alerting on abnormal TPM command usage or process aborts related to libtpms can help detect exploitation attempts. Additionally, organizations should review virtualization security policies to ensure that vTPM usage is justified and that fallback mechanisms exist in case of TPM unavailability. Employing strict privilege separation and limiting user interaction with TPM interfaces reduces the attack surface. Finally, coordinating with virtualization platform vendors to confirm integration of patched libtpms versions is critical for comprehensive mitigation.
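To make the upgrade check above mechanical, here is an added POSIX shell example (not part of the advisory or the libtpms project) that classifies a libtpms version string against the four fixed releases named on this page. It assumes plain dotted numeric versions such as "0.9.6", obtained for instance from `pkg-config --modversion libtpms` (an assumption: that the installed package ships libtpms.pc); versions from branches the advisory does not list are reported as unknown rather than guessed.

```shell
#!/bin/sh
# Added example, not from the advisory or the libtpms project: classify a
# libtpms version against the fixed releases named for CVE-2025-49133.
# Assumes plain dotted numeric versions such as "0.9.6".

# Print the fixed release for the branch of the given version.
# Returns 1 (prints nothing) for branches the advisory does not cover.
fixed_version_for_branch() {
    case "$1" in
        0.7.*)  echo "0.7.12" ;;
        0.8.*)  echo "0.8.10" ;;
        0.9.*)  echo "0.9.7"  ;;
        0.10.*) echo "0.10.1" ;;
        *)      return 1 ;;
    esac
}

# Numeric field-by-field comparison, so that 0.8.9 sorts before 0.8.10
# (a plain string comparison would get this wrong).
# Returns 0 when $1 >= $2, 1 otherwise.
version_ge() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ax="${a%%.*}"; bx="${b%%.*}"
        if [ "$ax" = "$a" ]; then a=""; else a="${a#*.}"; fi
        if [ "$bx" = "$b" ]; then b=""; else b="${b#*.}"; fi
        if [ "${ax:-0}" -gt "${bx:-0}" ]; then return 0; fi
        if [ "${ax:-0}" -lt "${bx:-0}" ]; then return 1; fi
    done
    return 0
}

# Print "fixed", "vulnerable" or "unknown-branch" for one version string and
# return 0, 1 or 2 respectively, so the function can drive a script or alert.
libtpms_status() {
    fixed=$(fixed_version_for_branch "$1") || { echo "unknown-branch"; return 2; }
    if version_ge "$1" "$fixed"; then
        echo "fixed"
        return 0
    fi
    echo "vulnerable"
    return 1
}

# Usage: pass the version to check, e.g. from "pkg-config --modversion libtpms"
# (assumption: the installed package ships libtpms.pc).
if [ $# -gt 0 ]; then
    libtpms_status "$1"
fi
```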


Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2025-06-02T10:39:41.633Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 684891ea48de16fa2fcfc18b

Added to database: 6/10/2025, 8:13:30 PM

Last enriched: 11/4/2025, 1:32:19 AM

Last updated: 11/22/2025, 9:02:34 PM

