Here is a quick way to check if a device has TPM 2.0. The output is written to reports > activity log.
I’m sure there is a better way to do this, but on the other hand, it is better than checking devices manually.
Remediation code:
$info = (wmic /namespace:\root\cimv2\security\microsofttpm path win32_tpm get * /format:textvaluelist.xsl))
write-output $info
exit 0