Incorrect implementation of the RSA algorithm in the Infineon library

Cybersecurity researchers have found a vulnerability in 2048 and 1024-bit RSA public key algorithms that affect systems that implement the algorithm using the Infineon library. In addition to this library, the microcontrollers produced by the company are also vulnerable for the integration of the algorithm in the computer motherboards.

The detected vulnerability allows to calculate the private key of a user through its public key, reason why an attacker can get to decipher confidential information directed to the victim. The affected systems can date of until 2012, year in which Infineon began to commercialize the affected microcontrollers. At the moment, the manufacturers of affected devices include Acer, Asus, HP, Samsung and Lenovo among others, which have already announced that they are working to publish the relevant security updates to solve the security problem.

Etiquetas