Palo Alto Networks products not vulnerable to ROCA: Vulnerable RSA generation (CVE-2017-15361)

by emoret on ‎10-17-2017 08:51 PM - edited on ‎11-03-2017 04:58 PM by (3,806 Views)

On October 15th 2017, a security researcher announced a new vulnerability "ROCA: Vulnerable RSA generation" [1] affecting smartcards, security tokens and other secure hardware using chips manufactured by Infineon Technologies AG.

 

Palo Alto Networks does not use these affected chips in any products. As a result, the Palo Alto Networks platform is not vulnerable to the attack described in CVE-2017-15361 [2].

 

Reference

[1] -  https://crocs.fi.muni.cz/public/papers/rsa_ccs17

[2] - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15361

 

Ask Questions Get Answers Join the Live Community