Skip to content
Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber
Branch: master
Clone or download
Latest commit 959d3c4 Sep 4, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
linux
windows
.gitattributes add gitattributes to handle line ending conversion Oct 25, 2017
CONTRIBUTING.md initial commit Oct 19, 2017
DISCLAIMER.md
LICENSE.md fix license text Oct 23, 2017
README.md

README.md

Detect Trusted Platform Modules Vulnerable to CVE-2017-15361

This repository provides content for aiding DoD administrators in detecting systems that have an enabled Trusted Platform Module (TPM) that is vulnerable to CVE-2017-15361 and is a companion to Information Assurance Advisory RSA Key Generation Vulnerability Affecting Trusted Platform Modules. The files in this repository can be downloaded as a zip file here.

The main files of interest in the repository include:

  • windows/Detect-CVE-2017-15361-TPM.audit - a custom Nessus audit file useful for DoD administrators who want to scan Windows systems on their network with Nessus (acquire via the ACAS program). TPM 1.2 and TPM 2.0 devices are supported.
  • windows/Detect-CVE-2017-15361-TPM.ps1 - a PowerShell script useful for DoD administrators who want to locally test a single, standalone system. TPM 1.2 and TPM 2.0 devices are supported.
  • linux/Detect-CVE-2017-15361-TPM.audit - a custom Nessus audit file useful for DoD administrators who want to scan Linux systems on their network with Nessus (acquire via the ACAS program). Only TPM 1.2 devices are supported.
  • linux/Detect-CVE-2017-15361-TPM.sh - a bash script useful for DoD users who want to locally test a single, standalone Linux system. Only TPM 1.2 devices are supported.

Support files in the repository include:

  • GenerateWindowsNessusAuditFile.ps1 - a PowerShell script that generates the Detect-CVE-2017-15361-TPM.audit file for Windows based on code in the Detect-CVE-2017-15361-TPM.ps1 file.

Infineon TPM firmware versions affected:

  • 4.0 - 4.33
  • 4.4 - 4.42
  • 5.0 - 5.61
  • 6.0 - 6.42
  • 7.0 - 7.61
  • 133.0 - 133.32
  • 149.0 - 149.32

Links

Original research identifying the issue:

More information about the vulnerability:

More information on operating system patches and TPM firmware updates:

More information about other devices that are affected:

Tools for checking if your RSA key is affected:

License

See LICENSE.

Disclaimer

See DISCLAIMER.

You can’t perform that action at this time.