Atos SE Information for VU#307015
Infineon RSA library does not properly generate RSA key pairs
- Vendor Information Help Date Notified: 24 Oct 2017
- Statement Date:
- Date Updated: 24 Oct 2017
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
"Our card manufacturer informed us that the ATOS CardOS 4.x cards and card reading systems used by SwissSign are not affected. The vulnerability mainly affects cards of the CardOS 5.x generation which still under evaluation at SwissSign.
In addition, there is the possibility for everyone to find out via the link https://keychest.net/roca whether the vulnerability affects the card. If you have any further questions, please do not hesitate to contact us also for a certificate of safety from our card manufacturer."
If you have feedback, comments, or additional information about this vulnerability, please send us email.