Vulnerability Details : CVE-2017-15361
Potential exploit
The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS.
Products affected by CVE-2017-15361
- cpe:2.3:o:infineon:trusted_platform_firmware:6.40:*:*:*:*:*:*:*When used together with: Bobicus » Chromebook 11
- cpe:2.3:o:infineon:trusted_platform_firmware:133.32:*:*:*:*:*:*:*When used together with: Bobicus » Chromebook 11
- cpe:2.3:o:infineon:trusted_platform_firmware:4.31:*:*:*:*:*:*:*When used together with: Bobicus » Chromebook 11
- cpe:2.3:o:infineon:trusted_platform_firmware:4.32:*:*:*:*:*:*:*When used together with: Bobicus » Chromebook 11
- cpe:2.3:a:infineon:rsa_library:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-15361
2.30%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 89 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-15361
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
8.6
|
2.9
|
NIST | |
5.9
|
MEDIUM | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
2.2
|
3.6
|
NIST |
References for CVE-2017-15361
-
https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf
-
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00104.html
INTEL-SA-00104
-
https://github.com/crocs-muni/roca
GitHub - crocs-muni/roca: ROCA: Infineon RSA key vulnerabilityMitigation;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20171024-0001/
CVE-2017-15361 Infineon RSA Library Vulnerability in NetApp Products | NetApp Product Security
-
https://github.com/iadgov/Detect-CVE-2017-15361-TPM
GitHub - nsacyber/Detect-CVE-2017-15361-TPM: Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyberMitigation;Third Party Advisory
-
https://monitor.certipath.com/rsatest
TrustMonitor ROCA Vulnerability TestMitigation;Third Party Advisory
-
http://support.lenovo.com/us/en/product_security/LEN-15552
RSA Keys Generated by Infineon TPMs are Insecure - USMitigation;Third Party Advisory
-
https://www.kb.cert.org/vuls/id/307015
VU#307015 - Infineon RSA library does not properly generate RSA key pairsIssue Tracking;Mitigation;US Government Resource;Third Party Advisory
-
https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160
TPM update - Infineon TechnologiesMitigation;Vendor Advisory
-
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html
INTEL-SA-00148
-
http://www.securityfocus.com/bid/101484
Infineon RSA Library CVE-2017-15361 Cryptographic Security Bypass VulnerabilityThird Party Advisory;VDB Entry
-
https://www.yubico.com/support/security-advisories/ysa-2017-01/
Security Advisory 2017-10-16 | YubicoMitigation;Third Party Advisory
-
https://blog.cr.yp.to/20171105-infineon.html
cr.yp.to: 2017.11.05: Reconstructing ROCA
-
https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/
ROCA vulnerability impact on Gemalto IDPrime .NET smart cards - Magic of SecurityIssue Tracking;Third Party Advisory
-
https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01
404 - File Not Found | CISA
-
https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/
Millions of high-security crypto keys crippled by newly discovered flaw | Ars TechnicaIssue Tracking;Third Party Advisory
-
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03789en_us
HPESBHF03789 rev.2 - Certain HPE Gen9 Systems with HP Trusted Platform Module v2.0 Option, Unauthorized Access to Data
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012
ADV170012 | Vulnerability in TPM could allow Security Feature BypassIssue Tracking;Patch;Third Party Advisory
-
https://keychest.net/roca
KeyChest - ProfileIssue Tracking;Mitigation;Third Party Advisory
-
https://crocs.fi.muni.cz/public/papers/rsa_ccs17
ROCA: Vulnerable RSA generation (CVE-2017-15361) [CRoCS wiki]Issue Tracking;Mitigation;Third Party Advisory
-
https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update
Trusted Platform Module firmware vulnerability: technical documentation - The Chromium ProjectsIssue Tracking;Mitigation;Patch;Third Party Advisory
-
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03801en_us
HPESBHF03801 rev.1 - HPE ProLiant m510 or m710x server cartridges with HP Trusted Platform Module, Local and Remote Unauthorized Access to Data
Jump to