A team of cybersecurity researchers disclosed details of two new potentially serious CPU vulnerabilities that could allow attackers to retrieve cryptographic keys protected inside TPM chips. TMP technology is being used widely by billion of desktops, laptops, servers, smartphones, and even by Internet-of-Things (IoT) devices to protect encryption keys, passwords, and digital certificates. The vulnerabilities leverage a timing-based side-channel attack to recover cryptographic keys that are otherwise supposed to remain safely inside the chips. A local adversary can recover the ECDSA key from Intel fTPM in 4-20 minutes.
Source: https://thehackernews.com/2019/11/tpm-encryption-keys-hacking.html