Firmware Update Required for Infineon TPM Devices to Address Security Vulnerabilities
Abstract
A vulnerability (TCG-VRT0009) has been identified in Infineon TPM hardware, affecting devices with outdated firmware. This vulnerability could allow malicious actors to exploit memory corruption or generate weak RSA keys, compromising system security.
Affected Products:
Infineon OPTIGA™ TPM SLB 9672/9673 (requires certified firmware update to maintain TCG compliance).
IEI Products:
Model Name: TPM IN03
Description of Change: Update the firmware of SLB9672VU2.0 form FW15.21 to FW15.2 3.
Recommended Actions:
● Verify Device Compatibility:
Check whether your systems use affected Infineon TPM hardware.
● Download and Apply Firmware Updates:
Infineon has released compliant firmware updates. Download the latest version from their official portal.
Contact your hardware provider for technical assistance
Conclusion:
Timely firmware updates are essential to mitigate risks associated with TCG-VRT0009. Immediate action is strongly advised to safeguard sensitive data and maintain system integrity.
References:
Trusted Computing Group (TCG): Advisory on TPM 2.0 vulnerabilities and mitigation.
https://trustedcomputinggroup.org/wp-content/uploads/TCGVRT0007-Advisory-FINAL.pdfInfineon Technologies: Firmware update details and compliance requirements.
https://www.infineon.com/cms/en/product/promopages/tpm-update/
