[ranger_danger]

> presumably

That's the thing, we don't actually know how involved the PIN is in relation to the key... it might be completely separate (and hence bypassable).

Similarly I also wonder if password-based pre-boot auth is affected.

[redprince]

That is known pretty well: The TPM won't release the the volume key unless the correct PIN is presented to the TPM.

[ranger_danger]

The only evidence I have seen was this article that another user in the thread shared:

https://blog.scrt.ch/2024/10/28/privilege-escalation-through...

Not saying you're wrong, I'm just not sure how well known it really is.

Either way... if the TPM is the one gating the key behind a PIN, I really don't see how an OS-level exploit can work without knowing the PIN in advance.