The comms between the motherboard and the TPM chip isn't secured, so an attacker can just do a MITM attack and substitute in the correct values.
loading story #47383935
That's fair, although aren't most TPMs nowadays fTPMs? No interceptable communication that way.
loading story #47383806
loading story #47384501
loading story #47383907