Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000144419

Infineon Trusted Platform Module (TPM) Vulnerability (CVE-2017-15361) : Impact Status on Dell Products

Summary: A new Infineon Trusted Platform Module (TPM) vulnerability (CVE-2017-15361) has risen, use this article to find out how to protect your Dell hardware.

This article may have been automatically translated. If you have any feedback regarding its quality, please let us know using the form at the bottom of this page.

Article Content

Symptoms

Dell is aware of a vulnerability identified in the RSA key generation method used by Infineon Trusted Platform Modules (TPMs) tracked through CVE-2017-15361. Dell has completed investigation on this issue and found only a small list of products affected. These products are listed below with recommended remediation steps. Please refer to the Patch Guidance section for details on patches published by Operating System vendors.

Patch Guidance:

Infineon: https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160
Microsoft Windows: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012
Google Chrome: https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update

References:

Tools provided by Centre for Research on Cryptography and Security: https://crocs.fi.muni.cz/public/papers/rsa_ccs17#detection_tools_mitigation_and_workarounds
Article by Centre for Research on Cryptography and Security: https://crocs.fi.muni.cz/public/papers/rsa_ccs17
CERT/CC Vulnerability Note VU#307015: https://www.kb.cert.org/vuls/id/307015

For status of RSA products, browse to: https://community.rsa.com/docs/DOC-84619

Dell Products Affected:

Client Products
Product	Supported Models	Impacted?	Recommended Action
Dell Chromebook 11	3120, 3180, 3189	YES	Please follow the instructions provided by Google: https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update.
Dell Chromebook 13	3380, 7310	YES	Please follow the instructions provided by Google: https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update.
Dell Chromebox		YES	Please follow the instructions provided by Google: https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update.
Wyse 5060	WES7P, WIE10	YES	Pending Recommended Action.

Article Properties

Affected Product

Chromebox, Chromebook 3120 (End of Life), Chromebook 11 3180, Chromebook 11 3189, Chromebook 13 3380, Chromebook 7310, Wyse 5060 Thin Client

Infineon Trusted Platform Module (TPM) Vulnerability (CVE-2017-15361) : Impact Status on Dell Products

Summary: A new Infineon Trusted Platform Module (TPM) vulnerability (CVE-2017-15361) has risen, use this article to find out how to protect your Dell hardware.

Article Content

Symptoms

Patch Guidance:

References:

Dell Products Affected:

Article Properties

Affected Product

Last Published Date

Version

Article Type

Welcome

Welcome to Dell

Infineon Trusted Platform Module (TPM) Vulnerability (CVE-2017-15361) : Impact Status on Dell Products

Summary: A new Infineon Trusted Platform Module (TPM) vulnerability (CVE-2017-15361) has risen, use this article to find out how to protect your Dell hardware.

Article Content

Symptoms

Patch Guidance:

References:

Dell Products Affected:

Article Properties

Affected Product

Last Published Date

Version

Article Type