CVE-2017-15361

The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS.
References
Link Resource
http://support.lenovo.com/us/en/product_security/LEN-15552 Mitigation Third Party Advisory
http://www.securityfocus.com/bid/101484 Third Party Advisory VDB Entry
https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/ Issue Tracking Third Party Advisory
https://blog.cr.yp.to/20171105-infineon.html
https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf
https://crocs.fi.muni.cz/public/papers/rsa_ccs17 Issue Tracking Mitigation Third Party Advisory
https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/ Issue Tracking Third Party Advisory
https://github.com/crocs-muni/roca Mitigation Third Party Advisory
https://github.com/iadgov/Detect-CVE-2017-15361-TPM Mitigation Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01
https://keychest.net/roca Issue Tracking Mitigation Third Party Advisory
https://monitor.certipath.com/rsatest Mitigation Third Party Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012 Issue Tracking Patch Third Party Advisory
https://security.netapp.com/advisory/ntap-20171024-0001/
https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update Issue Tracking Mitigation Patch Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03789en_us
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03801en_us
https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160 Mitigation Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00104.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html
https://www.kb.cert.org/vuls/id/307015 Issue Tracking Mitigation US Government Resource Third Party Advisory
https://www.yubico.com/support/security-advisories/ysa-2017-01/ Mitigation Third Party Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:infineon:trusted_platform_firmware:4.31:*:*:*:*:*:*:*
cpe:2.3:o:infineon:trusted_platform_firmware:4.32:*:*:*:*:*:*:*
cpe:2.3:o:infineon:trusted_platform_firmware:6.40:*:*:*:*:*:*:*
cpe:2.3:o:infineon:trusted_platform_firmware:133.32:*:*:*:*:*:*:*
OR cpe:2.3:h:acer:c720_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebase:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebase_24:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebook_11_c730:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebook_11_c730e:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebook_11_c735:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebook_11_c740:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebook_11_c771:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebook_11_c771t:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebook_11_n7_c731:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebook_13_cb5-311:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebook_14_cb3-431:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebook_14_for_work_cp5-471:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebook_15_cb3-531:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebook_15_cb3-532:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebook_15_cb5-571:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebook_r11:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebook_r13_cb5-312t:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebox:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:chromebox_cxi2:-:*:*:*:*:*:*:*
cpe:2.3:h:aopen:chromebase:-:*:commercial:*:*:*:*:*
cpe:2.3:h:aopen:chromebase:-:*:mini:*:*:*:*:*
cpe:2.3:h:aopen:chromebox:-:*:commercial:*:*:*:*:*
cpe:2.3:h:aopen:chromeboxi:-:*:mini:*:*:*:*:*
cpe:2.3:h:asi:chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:asus:chromebit_cs10:-:*:*:*:*:*:*:*
cpe:2.3:h:asus:chromebook_c200:-:*:*:*:*:*:*:*
cpe:2.3:h:asus:chromebook_c201pa:-:*:*:*:*:*:*:*
cpe:2.3:h:asus:chromebook_c202sa:-:*:*:*:*:*:*:*
cpe:2.3:h:asus:chromebook_c300:-:*:*:*:*:*:*:*
cpe:2.3:h:asus:chromebook_c300sa:-:*:*:*:*:*:*:*
cpe:2.3:h:asus:chromebook_c301sa:-:*:*:*:*:*:*:*
cpe:2.3:h:asus:chromebook_flip_c100pa:-:*:*:*:*:*:*:*
cpe:2.3:h:asus:chromebook_flip_c302:-:*:*:*:*:*:*:*
cpe:2.3:h:asus:chromebox_cn60:-:*:*:*:*:*:*:*
cpe:2.3:h:asus:chromebox_cn62:-:*:*:*:*:*:*:*
cpe:2.3:h:bobicus:chromebook_11:*:*:*:*:*:*:*:*
cpe:2.3:h:ctl:j2_chromebook:-:*:*:*:*:education:*:*
cpe:2.3:h:ctl:j4_chromebook:-:*:*:*:*:education:*:*
cpe:2.3:h:ctl:j5_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:ctl:n6_chromebook:-:*:*:*:*:education:*:*
cpe:2.3:h:ctl:nl61_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:chromebook_11:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:chromebook_11_3120:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:chromebook_11_3189:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:chromebook_11_model_3180:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:chromebook_13_3380:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:chromebox:-:*:*:*:*:*:*:*
cpe:2.3:h:edugear:chromebook_k:-:*:*:*:*:*:*:*
cpe:2.3:h:edugear:chromebook_m:-:*:*:*:*:*:*:*
cpe:2.3:h:edugear:chromebook_r:-:*:*:*:*:*:*:*
cpe:2.3:h:edugear:cmt_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:edxis:chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:edxis:education_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:epik:chromebook_elb1101:-:*:*:*:*:*:*:*
cpe:2.3:h:google:pixel:-:*:*:*:*:*:*:*
cpe:2.3:h:haier:chromebook_11:-:*:*:*:*:*:*:*
cpe:2.3:h:haier:chromebook_11_c:-:*:*:*:*:*:*:*
cpe:2.3:h:haier:chromebook_11_g2:-:*:*:*:*:*:*:*
cpe:2.3:h:haier:chromebook_11e:-:*:*:*:*:*:*:*
cpe:2.3:h:hexa:chromebook_pi:-:*:*:*:*:*:*:*
cpe:2.3:h:hisense:chromebook_11:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook:-:*:*:*:*:meetings:*:*
cpe:2.3:h:hp:chromebook_11-vxxx:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_11_1100-1199:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_11_2000-2099:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_11_2100-2199:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_11_2200-2299:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_11_g1:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_11_g2:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_11_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_11_g4\/g4_ee:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_11_g5:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_11_g5_ee:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_13_g1:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_14:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_14_ak000-099:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_14_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_14_g4:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebook_14_x000-x999:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebox_cb1-\(000-099\):-:*:*:*:*:*:*:*
cpe:2.3:h:hp:chromebox_g1:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:100s_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:n20_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:n21_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:n22_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:n23_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:n23_flex_11_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:n23_yoga_11_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:n42_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkcentre_chromebox:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_11e_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_13_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:chromebase_22cb25s:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:chromebase_22cv241:-:*:*:*:*:*:*:*
cpe:2.3:h:medion:akoya_s2013:-:*:*:*:*:*:*:*
cpe:2.3:h:medion:chromebook_s2015:-:*:*:*:*:*:*:*
cpe:2.3:h:mercer:chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:mercer:v2_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:ncomputing:chromebook_cx100:-:*:*:*:*:*:*:*
cpe:2.3:h:nexian:chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:pcmerge:chromebook_pcm-116t-432b:-:*:*:*:*:*:*:*
cpe:2.3:h:poin2:chromebook_11:-:*:*:*:*:*:*:*
cpe:2.3:h:poin2:chromebook_14:-:*:*:*:*:*:*:*
cpe:2.3:h:positivo:chromebook_ch1190:-:*:*:*:*:*:*:*
cpe:2.3:h:prowise:entry_line_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:prowise:proline_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:rgs:education_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:chromebook_2_11:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:chromebook_2_11_xe500c12:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:chromebook_2_13:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:chromebook_3:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:chromebook_plus:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:chromebook_pro:-:*:*:*:*:*:*:*
cpe:2.3:h:sector-five:e1_rugged_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:senkatel:c1101_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:toshiba:chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:toshiba:chromebook_2:-:*:*:*:*:*:*:*
cpe:2.3:h:toshiba:chromebook_2:-:*:2015:*:*:*:*:*
cpe:2.3:h:true:idc_chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:true:idc_chromebook_11:-:*:*:*:*:*:*:*
cpe:2.3:h:videonet:chromebook:-:*:*:*:*:*:*:*
cpe:2.3:h:videonet:chromebook_bl10:-:*:*:*:*:*:*:*
cpe:2.3:h:viglen:chromebook_11:-:*:*:*:*:*:*:*
cpe:2.3:h:viglen:chromebook_360:-:*:*:*:*:*:*:*
cpe:2.3:h:xolo:chromebook:-:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:infineon:rsa_library:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-10-16 17:29

Updated : 2024-02-28 16:04


NVD link : CVE-2017-15361

Mitre link : CVE-2017-15361

CVE.ORG link : CVE-2017-15361


JSON object : View

Products Affected

haier

  • chromebook_11
  • chromebook_11_g2
  • chromebook_11e
  • chromebook_11_c

asus

  • chromebook_c300sa
  • chromebook_c300
  • chromebox_cn60
  • chromebook_flip_c302
  • chromebox_cn62
  • chromebook_c200
  • chromebook_c301sa
  • chromebook_c202sa
  • chromebit_cs10
  • chromebook_c201pa
  • chromebook_flip_c100pa

ctl

  • j2_chromebook
  • n6_chromebook
  • nl61_chromebook
  • j4_chromebook
  • j5_chromebook

acer

  • chromebox_cxi2
  • chromebook_11_c730
  • c720_chromebook
  • chromebook_15_cb3-532
  • chromebook_15_cb5-571
  • chromebox
  • chromebook_14_cb3-431
  • chromebook_11_c771
  • chromebook_11_c771t
  • chromebook_11_n7_c731
  • chromebook_11_c730e
  • chromebook_14_for_work_cp5-471
  • chromebook_r13_cb5-312t
  • chromebase_24
  • chromebook_15_cb3-531
  • chromebase
  • chromebook_r11
  • chromebook_11_c735
  • chromebook_13_cb5-311
  • chromebook_11_c740

edugear

  • chromebook_k
  • chromebook_m
  • cmt_chromebook
  • chromebook_r

lenovo

  • thinkpad_11e_chromebook
  • thinkpad_13_chromebook
  • n22_chromebook
  • 100s_chromebook
  • n42_chromebook
  • n23_chromebook
  • n20_chromebook
  • n23_yoga_11_chromebook
  • n21_chromebook
  • thinkcentre_chromebox
  • n23_flex_11_chromebook

samsung

  • chromebook_2_13
  • chromebook_3
  • chromebook_plus
  • chromebook_2_11_xe500c12
  • chromebook_2_11
  • chromebook_pro

hp

  • chromebook_14_g3
  • chromebook_14_x000-x999
  • chromebook_13_g1
  • chromebook_11_2200-2299
  • chromebook_14_g4
  • chromebook_11-vxxx
  • chromebook_11_g2
  • chromebook_14
  • chromebook
  • chromebox_cb1-\(000-099\)
  • chromebook_11_2000-2099
  • chromebook_11_g1
  • chromebook_11_1100-1199
  • chromebook_14_ak000-099
  • chromebook_11_g4\/g4_ee
  • chromebox_g1
  • chromebook_11_2100-2199
  • chromebook_11_g3
  • chromebook_11_g5_ee
  • chromebook_11_g5

xolo

  • chromebook

epik

  • chromebook_elb1101

rgs

  • education_chromebook

poin2

  • chromebook_14
  • chromebook_11

videonet

  • chromebook_bl10
  • chromebook

dell

  • chromebook_11_3120
  • chromebook_11
  • chromebook_11_3189
  • chromebook_11_model_3180
  • chromebox
  • chromebook_13_3380

asi

  • chromebook

viglen

  • chromebook_11
  • chromebook_360

google

  • pixel

lg

  • chromebase_22cv241
  • chromebase_22cb25s

toshiba

  • chromebook_2
  • chromebook

hexa

  • chromebook_pi

aopen

  • chromebase
  • chromeboxi
  • chromebox

medion

  • akoya_s2013
  • chromebook_s2015

sector-five

  • e1_rugged_chromebook

senkatel

  • c1101_chromebook

positivo

  • chromebook_ch1190

edxis

  • chromebook
  • education_chromebook

infineon

  • trusted_platform_firmware
  • rsa_library

prowise

  • proline_chromebook
  • entry_line_chromebook

true

  • idc_chromebook
  • idc_chromebook_11

bobicus

  • chromebook_11

pcmerge

  • chromebook_pcm-116t-432b

mercer

  • v2_chromebook
  • chromebook

nexian

  • chromebook

ncomputing

  • chromebook_cx100

hisense

  • chromebook_11