Palo Alto Networks Knowledgebase: Palo Alto Networks products not vulnerable to ROCA: Vulnerable RSA generation (CVE-2017-15361)

Palo Alto Networks products not vulnerable to ROCA: Vulnerable RSA generation (CVE-2017-15361)

1676
Created On 08/05/19 19:58 PM - Last Updated 08/05/19 20:11 PM
Threat Intelligence Threat Prevention
Resolution

On October 15th 2017, a security researcher announced a new vulnerability "ROCA: Vulnerable RSA generation" [1] affecting smartcards, security tokens and other secure hardware using chips manufactured by Infineon Technologies AG.

 

Palo Alto Networks does not use these affected chips in any products. As a result, the Palo Alto Networks platform is not vulnerable to the attack described in CVE-2017-15361 [2].

 

Reference

[1] -  https://crocs.fi.muni.cz/public/papers/rsa_ccs17

[2] - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15361

 



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm2wCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language