All the vulnerabilites related to edugear - chromebook_m
Vulnerability from fkie_nvd
Published
2017-10-16 17:29
Modified
2024-11-21 03:14
Severity ?
Summary
The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:infineon:trusted_platform_firmware:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "6D825C88-A5D7-4C1F-B09B-FF63FCE1B5F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:infineon:trusted_platform_firmware:4.32:*:*:*:*:*:*:*",
"matchCriteriaId": "5C08FA98-E0C2-4382-94BD-5C40DECD1DB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:infineon:trusted_platform_firmware:6.40:*:*:*:*:*:*:*",
"matchCriteriaId": "D4751A17-AD4C-4F50-B0DD-4E02427BBA2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:infineon:trusted_platform_firmware:133.32:*:*:*:*:*:*:*",
"matchCriteriaId": "1A8A144B-1859-4C49-8AC4-10EB0FD740F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:c720_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "878D0151-EE41-4EF6-A424-DA855C18986A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebase:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57181990-1011-424B-8B0D-4FCBEE35E888",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebase_24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11A4C072-B9A0-47ED-8060-AA0159AF0020",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebook_11_c730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088996B8-E506-4A50-8EB0-5A1258D681AC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebook_11_c730e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B50E8CCB-3B69-42E4-8AEE-88D0D7B9EB2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebook_11_c735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F326698-B295-4807-A4B4-0BAA9B66589E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebook_11_c740:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDAE0DD7-5608-4556-9978-EE7E01023DA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebook_11_c771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7D2911-0265-4B37-8CD8-42DCEC7EABDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebook_11_c771t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3DD548B-AD54-4C47-9134-6B7A2398160B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebook_11_n7_c731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADB4F13-0684-424B-AA6B-8A7018777984",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebook_13_cb5-311:-:*:*:*:*:*:*:*",
"matchCriteriaId": "295D21FA-D8D2-4C19-A5B6-50D7281B2A59",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebook_14_cb3-431:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08683AB6-D690-408C-A5C7-9EF32A40876D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebook_14_for_work_cp5-471:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47665085-66B9-4E11-9D20-3A5A73352D91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebook_15_cb3-531:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6973F7-0B85-4064-8879-543A243D8A8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebook_15_cb3-532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72BE3BCF-6FE8-46F1-B774-60916DE234CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebook_15_cb5-571:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0413E176-3B87-4333-A9FB-A0727015ACDC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebook_r11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "075859B8-D6BE-45BB-81A0-C89792743BB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebook_r13_cb5-312t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2A25AC3-0FB5-4F01-9865-0938E3976D96",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebox:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D33132B-CC32-4640-8BF7-F8FCF80F6EC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:acer:chromebox_cxi2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA85C38-CDBC-4163-8105-4E902ADD747A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:aopen:chromebase:-:*:commercial:*:*:*:*:*",
"matchCriteriaId": "A5821187-153C-48BD-802B-89FD159755D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:aopen:chromebase:-:*:mini:*:*:*:*:*",
"matchCriteriaId": "6D656A2B-6234-4BB2-A5CC-54B4EBA59FE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:aopen:chromebox:-:*:commercial:*:*:*:*:*",
"matchCriteriaId": "589B967C-3EF0-42DF-9FEF-C3411AC38B4E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:aopen:chromeboxi:-:*:mini:*:*:*:*:*",
"matchCriteriaId": "3CB7F169-02A0-44B4-816B-0135DFD46905",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asi:chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF33E72-2E47-4D41-9B05-8D13B26694F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:chromebit_cs10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68B8BACC-0F84-41A6-BBE0-3987B1E56A8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:chromebook_c200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "280E26E9-5075-469C-A1B1-0CC833B32520",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:chromebook_c201pa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85F1DF93-A998-4528-9C82-721D16698FA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:chromebook_c202sa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADFFC94-7F7A-40CF-817B-483BBDCCB66D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:chromebook_c300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7EA3C8-8B68-4BE1-9C2D-FAFC4AF8EA7B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:chromebook_c300sa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66CB44E8-A520-4291-9D48-5ED4BD2B9FB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:chromebook_c301sa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6530E801-A924-4B0D-9602-92D320828C75",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:chromebook_flip_c100pa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB4C201C-3C87-4FC6-A48E-1428EA481195",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:chromebook_flip_c302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C9716ED-3AEA-439B-9148-C66CC98D0D6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:chromebox_cn60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE2D4E6-CD1A-4336-9C1A-7B8FA5377CB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asus:chromebox_cn62:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A308E84E-1044-41EC-A7A2-2A0E5A5DAD02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:bobicus:chromebook_11:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAEB2859-2C44-410C-85F9-B37339161245",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ctl:j2_chromebook:-:*:*:*:*:education:*:*",
"matchCriteriaId": "48E098F9-7EFD-452B-9A9C-383039BF8150",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ctl:j4_chromebook:-:*:*:*:*:education:*:*",
"matchCriteriaId": "51F47A6C-430C-4635-BF8F-E837F37673FD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ctl:j5_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FBD6167-984D-492E-AA47-468678051CEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ctl:n6_chromebook:-:*:*:*:*:education:*:*",
"matchCriteriaId": "0E93EBE6-B016-42C1-A65A-4B14038DA0A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ctl:nl61_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7987CC19-4679-47A6-B2B9-8D0A9F804925",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:dell:chromebook_11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42D5DB45-A37D-48BE-9F00-C2108D47A4D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:dell:chromebook_11_3120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F36AB1C2-6B81-49F7-998A-4E5A0692C161",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:dell:chromebook_11_3189:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F0D7C4-DB72-41CC-A163-BF9CA4315BCB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:dell:chromebook_11_model_3180:-:*:*:*:*:*:*:*",
"matchCriteriaId": "187CCE09-CC6D-455A-96A7-91667C22FCF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:dell:chromebook_13_3380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6BE3D28-7E3F-419C-84E3-A29D858AADEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:dell:chromebox:-:*:*:*:*:*:*:*",
"matchCriteriaId": "455A3086-A52F-49DC-993F-E3FA17A3BE15",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:edugear:chromebook_k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8534D121-1A3A-42C1-BC0E-B37012A5F7C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:edugear:chromebook_m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF753670-DD77-415D-BD4B-17D41F975A0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:edugear:chromebook_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0E191E-A0D9-4B8C-929B-012DF95A1FE3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:edugear:cmt_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE234602-9C70-425B-A677-382775EDC564",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:edxis:chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04C5FAF4-1B36-4379-A530-6AB0509E69DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:edxis:education_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8676FD39-8386-42D7-B551-A794B83268D3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:epik:chromebook_elb1101:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B403CE-EDC1-426F-94A4-B19FAEEAC8EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B17D3A78-87DD-44CD-AB11-3E42AEB1A1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:haier:chromebook_11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98D228FA-C7BD-4FA9-9885-4E2331E81966",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:haier:chromebook_11_c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA2A4B85-5CA1-4D00-9F39-841FB6DE94EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:haier:chromebook_11_g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8833B8E1-E49E-4DA9-988C-B0615468DDFF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:haier:chromebook_11e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EAD51FB-53D2-44BA-8C0B-70305E5C264E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hexa:chromebook_pi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DA08F6-67F6-4577-8959-19290EF58553",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hisense:chromebook_11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29036285-F6EB-4BCA-A338-0266F10A4B13",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook:-:*:*:*:*:meetings:*:*",
"matchCriteriaId": "106D11AE-4322-455C-B10E-FD4F2992B4DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_11-vxxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE44E53F-383A-43E0-9B67-F736749764B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_11_1100-1199:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72E87B3E-5E9D-419F-BFF6-C550A26B9D31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_11_2000-2099:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89E336A5-8C90-405B-846F-003856AF8336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_11_2100-2199:-:*:*:*:*:*:*:*",
"matchCriteriaId": "613BB633-7F07-4F3F-9327-B308E542FB6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_11_2200-2299:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD37DD3-C729-4851-ACBE-D72848FDBAB5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_11_g1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62F027B0-FC37-4F25-BAF2-78C8E695C9E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_11_g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "433AC4ED-752F-4B33-A294-CF2A82D8C12C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_11_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC8BDF0-F181-491D-88E7-8DD1FB5DC217",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_11_g4\\/g4_ee:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A50F3009-FD55-454D-8BBB-C8CC7B692092",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_11_g5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A8ECDE-FA43-42C8-A866-24909A2ACA1E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_11_g5_ee:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26C827F6-3C93-48DB-B8EE-4C8B715CC66C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_13_g1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC73A69B-777B-498E-B7C9-2D98D26E4864",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BB89A0E-A308-4FAC-8FF6-83B3A932D549",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_14_ak000-099:-:*:*:*:*:*:*:*",
"matchCriteriaId": "808093B3-07B4-48DE-9784-0ABA100187F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_14_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB8B82E0-BE77-4A6F-B867-AE51E775146D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_14_g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F00BDBE-F0D2-4B8C-BD8E-C1E52CBE216E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebook_14_x000-x999:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4233E3FD-B9A5-43BF-9C7F-80BF7446CD5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebox_cb1-\\(000-099\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4DB5A7A-310D-442F-BE25-41A573EC8341",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:chromebox_g1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71390570-8953-493B-9EF7-78D4A9AD0156",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:100s_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3DD500A-CF2D-491A-AD2E-6201899840AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:n20_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F17AAE58-B621-4737-8045-4ACD5FCB1090",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:n21_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86B3EEBB-44DC-4923-AABB-FF3633C570BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:n22_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC42851D-E264-40C4-B44C-3CF3AAB3AE41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:n23_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED745A48-294A-4FB7-A845-8B99D3848F54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:n23_flex_11_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59891EF1-7733-4E02-A3D7-F48ECECACF6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:n23_yoga_11_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "612C3ED3-1A90-4E35-A69A-87336107D2FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:n42_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6E4D71-085F-4CF0-A95C-F6A139A7BDD8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkcentre_chromebox:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5580DCA1-A57C-4A49-99C7-4C31910E8C66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_11e_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CAE0B2B-A078-4E08-BD4D-2E27E72061B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_13_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B481236-6FD6-47CC-925A-1580894DED37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lg:chromebase_22cb25s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE1EB6A-BCE0-443B-843C-83A4A74480FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lg:chromebase_22cv241:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE08B38-D2E4-46FF-BDBF-101516B7F760",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:medion:akoya_s2013:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F934EA3-1BEB-4E0F-88BA-2A8519891D1E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:medion:chromebook_s2015:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9737D5FA-076F-45CF-BE72-4AC92A16ACE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mercer:chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51F7E626-C417-4164-93E8-86FF2CA81210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mercer:v2_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35C6DD3A-6622-41B3-B716-9020DE5674A8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ncomputing:chromebook_cx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7D02136-E17B-4D4F-9773-14B0E3CF674A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nexian:chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993BF4EC-0564-47D8-A920-37D4D2FF1F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:pcmerge:chromebook_pcm-116t-432b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E3E313-4177-4791-A405-36A9E20023E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:poin2:chromebook_11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1EABBA-125A-48D2-A851-CAF5AEB3FF0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:poin2:chromebook_14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D92963A3-720A-495E-8EEF-D96B782CF4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:positivo:chromebook_ch1190:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62BD4DE-D78E-4C70-A54C-7655E1418073",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:prowise:entry_line_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5803975-6443-49F0-B2E2-2CE362F15B0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:prowise:proline_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5510D58D-A29E-426B-98B8-D3FF0DF05728",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:rgs:education_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29D3147-8560-4380-8940-AC2B1CE76B95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:samsung:chromebook_2_11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4116587-2E83-4ABA-8B9A-E0A80C3B6A1E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:samsung:chromebook_2_11_xe500c12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "813366C6-684F-4A0E-BCDE-C8A4A389B905",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:samsung:chromebook_2_13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2F0A50F-4D99-434E-B198-3AE48B5E7413",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:samsung:chromebook_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9246074B-C1F2-494D-B4BB-0F7BB3CAF688",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:samsung:chromebook_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF56D6E5-4F7B-45E4-A35A-0AD13B045580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:samsung:chromebook_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "881D9BFA-8ACA-4188-A72A-BE48AFEED4F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sector-five:e1_rugged_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99E9041D-FA9A-4FDF-B5CF-DC479FA982A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:senkatel:c1101_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2E5D8DD-4BC2-4E5A-854F-E24AE48B1FE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:toshiba:chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7535529-897C-4D66-87FF-638DA60D7E3D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:toshiba:chromebook_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42996DF5-8D88-4D65-827E-59AC8FAE90EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:toshiba:chromebook_2:-:*:2015:*:*:*:*:*",
"matchCriteriaId": "BA9D7740-2232-4ACC-861F-58CD3F4ABCDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:true:idc_chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF68C69-3504-4209-BE16-33F7537C7D1E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:true:idc_chromebook_11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AEFDE24-B175-4DA2-AD5A-37F42DF3AF8A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:videonet:chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D2C8ABD-12F1-4710-B6D6-DF8ADCC37CED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:videonet:chromebook_bl10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAB3D5B-99CF-48C8-A543-2672AEAB1362",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:viglen:chromebook_11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D42B185-D644-4149-8616-DC292A8D3AF2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:viglen:chromebook_360:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75761B52-09E9-4B04-8E6A-0928439E429C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:xolo:chromebook:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65407B5D-E6DD-4994-813C-BD5543111FBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:infineon:rsa_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43DDE644-1B5C-4B9E-9E91-1F9F2A1185D4",
"versionEndIncluding": "1.02.013",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS."
},
{
"lang": "es",
"value": "La librer\u00c3\u00ada Infineon RSA 1.02.013 en firmware Infineon Trusted Platform Module (TPM) como las versiones anteriores a la 0000000000000422 - 4.34, anteriores a la 000000000000062b - 6.43 y anteriores a la 0000000000008521 - 133.33, gestiona de manera incorrecta la generaci\u00c3\u00b3n de claves RSA, lo que hace que sea m\u00c3\u00a1s f\u00c3\u00a1cil para los atacantes superar varios mecanismos de protecci\u00c3\u00b3n criptogr\u00c3\u00a1fica mediante ataques dirigidos, conocido como ROCA. Ejemplos de las tecnolog\u00c3\u00adas afectadas son BitLocker con TPM 1.2, la generaci\u00c3\u00b3n de claves PGP con YubiKey 4 (en versiones anteriores a la 4.3.5) y la caracter\u00c3\u00adstica de cifrado Cached User Data en Chrome OS."
}
],
"id": "CVE-2017-15361",
"lastModified": "2024-11-21T03:14:32.883",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-16T17:29:00.243",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "http://support.lenovo.com/us/en/product_security/LEN-15552"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101484"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/"
},
{
"source": "cve@mitre.org",
"url": "https://blog.cr.yp.to/20171105-infineon.html"
},
{
"source": "cve@mitre.org",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
],
"url": "https://crocs.fi.muni.cz/public/papers/rsa_ccs17"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/crocs-muni/roca"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/iadgov/Detect-CVE-2017-15361-TPM"
},
{
"source": "cve@mitre.org",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
],
"url": "https://keychest.net/roca"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://monitor.certipath.com/rsatest"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20171024-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mitigation",
"Patch",
"Third Party Advisory"
],
"url": "https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update"
},
{
"source": "cve@mitre.org",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03789en_us"
},
{
"source": "cve@mitre.org",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03801en_us"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160"
},
{
"source": "cve@mitre.org",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00104.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/307015"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.yubico.com/support/security-advisories/ysa-2017-01/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "http://support.lenovo.com/us/en/product_security/LEN-15552"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://blog.cr.yp.to/20171105-infineon.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
],
"url": "https://crocs.fi.muni.cz/public/papers/rsa_ccs17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/crocs-muni/roca"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/iadgov/Detect-CVE-2017-15361-TPM"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
],
"url": "https://keychest.net/roca"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://monitor.certipath.com/rsatest"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20171024-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mitigation",
"Patch",
"Third Party Advisory"
],
"url": "https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03789en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03801en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00104.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/307015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.yubico.com/support/security-advisories/ysa-2017-01/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2017-15361
Vulnerability from cvelistv5
Published
2017-10-16 17:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:25.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.cr.yp.to/20171105-infineon.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03801en_us"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://monitor.certipath.com/rsatest"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://crocs.fi.muni.cz/public/papers/rsa_ccs17"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.lenovo.com/us/en/product_security/LEN-15552"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20171024-0001/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/iadgov/Detect-CVE-2017-15361-TPM"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00104.html"
},
{
"name": "VU#307015",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/307015"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/crocs-muni/roca"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03789en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.yubico.com/support/security-advisories/ysa-2017-01/"
},
{
"name": "101484",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101484"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://keychest.net/roca"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-14T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.cr.yp.to/20171105-infineon.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03801en_us"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://monitor.certipath.com/rsatest"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://crocs.fi.muni.cz/public/papers/rsa_ccs17"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.lenovo.com/us/en/product_security/LEN-15552"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20171024-0001/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/iadgov/Detect-CVE-2017-15361-TPM"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00104.html"
},
{
"name": "VU#307015",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/307015"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/crocs-muni/roca"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03789en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.yubico.com/support/security-advisories/ysa-2017-01/"
},
{
"name": "101484",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101484"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://keychest.net/roca"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160",
"refsource": "MISC",
"url": "https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160"
},
{
"name": "https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/",
"refsource": "MISC",
"url": "https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/"
},
{
"name": "https://blog.cr.yp.to/20171105-infineon.html",
"refsource": "MISC",
"url": "https://blog.cr.yp.to/20171105-infineon.html"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03801en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03801en_us"
},
{
"name": "https://monitor.certipath.com/rsatest",
"refsource": "MISC",
"url": "https://monitor.certipath.com/rsatest"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012"
},
{
"name": "https://crocs.fi.muni.cz/public/papers/rsa_ccs17",
"refsource": "MISC",
"url": "https://crocs.fi.muni.cz/public/papers/rsa_ccs17"
},
{
"name": "https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/",
"refsource": "MISC",
"url": "https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/"
},
{
"name": "http://support.lenovo.com/us/en/product_security/LEN-15552",
"refsource": "CONFIRM",
"url": "http://support.lenovo.com/us/en/product_security/LEN-15552"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171024-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171024-0001/"
},
{
"name": "https://github.com/iadgov/Detect-CVE-2017-15361-TPM",
"refsource": "MISC",
"url": "https://github.com/iadgov/Detect-CVE-2017-15361-TPM"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00104.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00104.html"
},
{
"name": "VU#307015",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/307015"
},
{
"name": "https://github.com/crocs-muni/roca",
"refsource": "MISC",
"url": "https://github.com/crocs-muni/roca"
},
{
"name": "https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update",
"refsource": "MISC",
"url": "https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03789en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03789en_us"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html"
},
{
"name": "https://www.yubico.com/support/security-advisories/ysa-2017-01/",
"refsource": "CONFIRM",
"url": "https://www.yubico.com/support/security-advisories/ysa-2017-01/"
},
{
"name": "101484",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101484"
},
{
"name": "https://keychest.net/roca",
"refsource": "MISC",
"url": "https://keychest.net/roca"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15361",
"datePublished": "2017-10-16T17:00:00",
"dateReserved": "2017-10-15T00:00:00",
"dateUpdated": "2024-08-05T19:57:25.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}