Notified: October 24, 2017 Updated: October 24, 2017
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
From SwissSign: "Our card manufacturer informed us that the ATOS CardOS 4.x cards and card reading systems used by SwissSign are not affected. The vulnerability mainly affects cards of the CardOS 5.x generation which still under evaluation at SwissSign. In addition, there is the possibility for everyone to find out via the link https://keychest.net/roca whether the vulnerability affects the card. If you have any further questions, please do not hesitate to contact us also for a certificate of safety from our card manufacturer."
Notified: October 19, 2017 Updated: October 24, 2017
Statement Date: October 23, 2017
Affected
Dell has released a Knowledge Base article with statement and details.
We are not aware of further vendor information regarding this vulnerability.
Notified: October 16, 2017 Updated: October 16, 2017
Affected
No statement is currently available from the vendor regarding this vulnerability.
Fujistu has released a security advisory with a list of affected products.
Notified: October 18, 2017 Updated: November 02, 2017
Statement Date: October 20, 2017
Affected
Gemalto Enterprise & Cybersecurity has released a security bulletin with more information.
We are not aware of further vendor information regarding this vulnerability.
Notified: October 16, 2017 Updated: October 16, 2017
Affected
No statement is currently available from the vendor regarding this vulnerability.
Chrome OS prior to M60 is affected. Google has released a security advisory with more information.
Notified: October 16, 2017 Updated: October 16, 2017
Statement Date: October 16, 2017
Affected
No statement is currently available from the vendor regarding this vulnerability.
Some HPE TPM modules are affected. HPE has released firmware updates at the URL below. HPE has published a longer security bulletin HPESBHF03789 with more details.
Notified: October 16, 2017 Updated: October 24, 2017
Affected
No statement is currently available from the vendor regarding this vulnerability.
Infineon RSA library version 1.02.013 is impacted. Infineon provides a partial list of affected vendors using the library in TPM products below.
Notified: October 16, 2017 Updated: October 16, 2017
Affected
No statement is currently available from the vendor regarding this vulnerability.
Lenovo has released a security advisory and will update the advisory as updates become available.
Notified: October 16, 2017 Updated: October 16, 2017
Affected
No statement is currently available from the vendor regarding this vulnerability.
Microsoft has released a security advisory.
Notified: October 24, 2017 Updated: October 24, 2017
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: November 02, 2017
Affected
No statement is currently available from the vendor regarding this vulnerability.
The PIVKey C980 is affected. See the security advisory for more details.
Notified: October 16, 2017 Updated: October 16, 2017
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: October 16, 2017 Updated: October 16, 2017
Statement Date: October 16, 2017
Affected
No statement is currently available from the vendor regarding this vulnerability.
Yubikey 4 / 4C / 4 nano, versions 4.2.6 - 4.3.4, are vulnerable when using the onboard RSA generation functionality. Yubico has published a security advisory, and provides a keycheck information page with mitigation or replacement advice.