Skip to content
This repository has been archived by the owner. It is now read-only.
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 

Detect Trusted Platform Modules Vulnerable to CVE-2017-15361

This repository provides content for aiding DoD administrators in detecting systems that have an enabled Trusted Platform Module (TPM) that is vulnerable to CVE-2017-15361 and is a companion to Information Assurance Advisory RSA Key Generation Vulnerability Affecting Trusted Platform Modules. The files in this repository can be downloaded as a zip file here.

The main files of interest in the repository include:

  • windows/Detect-CVE-2017-15361-TPM.audit - a custom Nessus audit file useful for DoD administrators who want to scan Windows systems on their network with Nessus (acquire via the ACAS program). TPM 1.2 and TPM 2.0 devices are supported.
  • windows/Detect-CVE-2017-15361-TPM.ps1 - a PowerShell script useful for DoD administrators who want to locally test a single, standalone system. TPM 1.2 and TPM 2.0 devices are supported.
  • linux/Detect-CVE-2017-15361-TPM.audit - a custom Nessus audit file useful for DoD administrators who want to scan Linux systems on their network with Nessus (acquire via the ACAS program). Only TPM 1.2 devices are supported.
  • linux/Detect-CVE-2017-15361-TPM.sh - a bash script useful for DoD users who want to locally test a single, standalone Linux system. Only TPM 1.2 devices are supported.

Support files in the repository include:

  • GenerateWindowsNessusAuditFile.ps1 - a PowerShell script that generates the Detect-CVE-2017-15361-TPM.audit file for Windows based on code in the Detect-CVE-2017-15361-TPM.ps1 file.

Infineon TPM firmware versions affected:

  • 4.0 - 4.33
  • 4.4 - 4.42
  • 5.0 - 5.61
  • 6.0 - 6.42
  • 7.0 - 7.61
  • 133.0 - 133.32
  • 149.0 - 149.32

Links

Original research identifying the issue:

More information about the vulnerability:

More information on operating system patches and TPM firmware updates:

More information about other devices that are affected:

Tools for checking if your RSA key is affected:

License

See LICENSE.

Disclaimer

See DISCLAIMER.

About

Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

Topics

Resources

License

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •