548 matches found
April 17, 2018—KB4093117 (OS Build 15063.1058)
None None...
Siemens SIMATIC Industrial PCs
CVSS v3 5.9 ATTENTION: Remotely exploitable Vendor: Siemens Equipment: SIMATIC Industrial PCs Vulnerability: Cryptographic Issues AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following versions of SIMATIC Industrial PCs using a version of Infineon’s Trusted Platform Module...
SUSE-SU-2017:3090-1 Recommended update for tboot
This update for tboot fixes the following issues: Security issue fixed: - CVE-2017-16837: Certain function pointers in Trusted Boot tboot through 1.9.6 are notvalidated and can cause arbitrary code execution, which allows local users tooverwrite dynamic PCRs of Trusted Platform Module TPM by h...
Trusted Boot Arbitrary Code Execution Vulnerability
Trusted Boot tboot is an open source pre-kernel/vmm module that supports booting OS kernels/VMMs after measurement and determination utilizing Intel TXT technology. An arbitrary code execution vulnerability exists in Boot 1.9.6 and earlier versions, which stems from a program's failure to validat...
BSA-2017-474
Security Advisory ID : BSA-2017-474 Component : Infineon RSA Library Revision : 2.0: Final The Infineon RSA library version 1.02.013 in Infineon Trusted Platform Module TPM firmware mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection...
CVE-2017-16837
Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...
Code injection
Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...
UBUNTU-CVE-2017-16837
Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...
CVE-2017-16837
Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...
CVE-2017-16837
Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...
Microsoft Windows Server 2012 Multiple Vulnerabilities (KB4048959)
This host is missing an important security update according to Microsoft KB4048959 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Microsoft Windows Multiple Vulnerabilities (KB4048952)
This host is missing a critical security update according to Microsoft KB4048952 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
November 14, 2017—KB4048956 (OS Build 10240.17673)
None None...
Juniper SRX300 Series Trusted Platform Module Firmware Information Disclosure Vulnerability
The Juniper SRX300 Series is a firewall product from Juniper Networks, Inc.The Trusted Platform Module TPM is one of the test platform modules. A security vulnerability exists in the TPM firmware version 4.40 in the Juniper SRX300 Series in the process of generating encryption keys. An attacker...
HPESBHF03789 rev.2 - Certain HPE Gen9 Systems with HP Trusted Platform Module v2.0 Option, Unauthorized Access to Data
Potential Security Impact: Local: Unauthorized Access to Data; Remote: Unauthorized Access to Data SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Trusted Platform Module 2.0 Kit FW 5.51 - TPM 2.0 FW 5.62 is not affected. This is the Gen9 TPM 2.0 option only Gen9 servers could...
CVE-2017-10606
Version 4.40 of the TPM Trusted Platform Module firmware on Juniper Networks SRX300 Series has a weakness in generating cryptographic keys that may allow an attacker to decrypt sensitive information in SRX300 Series products. The TPM is used in the SRX300 Series to encrypt sensitive configuration...
Bitlocker Device Policy
Windows 10 Enterprise includes a disk encryption feature called BitLocker, which provides extra file and system protections against unauthorized access of a lost or stolen device. For more protection, you can use BitLocker with Trusted Platform Module TPM chips, version 1.2 or later. A TPM chip...
tpm2-tools Authentication Authorization Vulnerability
tpm2-tools is a toolkit for monitoring trusted platform modules in Linux. A security vulnerability exists in versions of tpm2-tools prior to 1.1.1, which stems from the program passing passwords from the client to the server in plaintext. An attacker could exploit the vulnerability to obtain...
Extending Linux Executable Logging With The Integrity Measurement Architecture
Gaining insight into the files being executed on your system is a great first step towards improved visibility on your endpoints. Taking this a step further, centrally storing logs of file execution data so they can be used for detection and hunting provides an excellent opportunity to find evil ...
DoD DIACAP transition to RMF approved
Welcome DIARMF! This has been a long time coming. From DITSCAP to DIACAP and now to DIARMF the Department of Defense approved the transition to a Risk Management Framework RMF approach developed by NIST on March 12. What does this mean for Information Systems and Platform Information Technology...