Unrated severityNVD Advisory· Published Nov 14, 2019· Updated Aug 5, 2024

CVE-2019-16863

Description

STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka TPM-FAIL.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

STMicroelectronics/ST33TPHF2ESPI TPM devicesdescription
LG Electronics/ST33TPHF2ESPI TPMllm-create
Range: before 2019-09-12

Patches

Vulnerability mechanics

References

tpm.failmitrex_refsource_MISC
portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190024mitrex_refsource_MISC
support.f5.com/csp/article/K32412503mitrex_refsource_CONFIRM
support.hpe.com/hpsc/doc/public/displaymitrex_refsource_CONFIRM
support.lenovo.com/us/en/product_security/LEN-29406mitrex_refsource_CONFIRM
www.st.com/content/st_com/en/campaigns/tpm-update.htmlmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000