vulnerability

ROCA: Vulnerable RSA generation from Infineon TPM (CVE-2017-15361)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:P/I:N/A:N)	Oct 16, 2017	Nov 2, 2017	Dec 1, 2017

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

Oct 16, 2017

Added

Nov 2, 2017

Modified

Dec 1, 2017

Description

The Infineon RSA library version 1.02.013 does not properly generate RSA key pairs. As a result, the keyspace required for a brute force search is lessened such that it is feasible to factorize keys under at least 2048 bits and obtain the RSA private key. The attacker needs only access to the victim's RSA public key generated by this library in order to calculate the private key.

This is also known as Return of Coppersmith's Attack (ROCA)

Solution

infineon-tpm-cve-2017-15361

References

CVE-2017-15361
https://attackerkb.com/topics/CVE-2017-15361
URL-https://crocs.fi.muni.cz/public/papers/rsa_ccs17
URL-https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today