Information on ST's TPM firmware update – ECDSA signature generation
Trusted Platform Module (TPM) Firmware updates, including additional countermeasures in the implementation of the Elliptic Digital Signature Algorithm (ECDSA) signature generation function, are available for ST’s devices based on Trusted Computing Group specifications 2.0. TPM devices based on TCG specifications 1.2 do not support this cryptographic function.
The deployment of a TPM firmware update is not required if:
- the ecosystem does not depend on this cryptographic service or
- the platform already provides countermeasures
Please follow this link for more information on the impact on Microsoft Windows operating systems devices.
For end-users of computing devices with an ST TPM
- Lenovo support : click here
- Dell support : click here
- Panasonic support : click here
- HPE support : click here
For other operating systems or embedded devices, please contact your device manufacturer.
The TPM-affected products' firmware and applicable firmware updates are listed below:
Products | FW versions affected | Fixed FW version recommended |
ST33TPHF2ESPI | 71.0, 71.4, 71.12 | 71.16 |
ST33TPHF2ESPI | 73.0, 73.4 | 73.20 |
ST33TPHF2ESPI | 73.8 | 73.64 |
ST33TPHF2EI2C | 73.5 | 73.21 |
ST33TPHF2EI2C | 73.9 | 73.65 |
ST33TPHF20SPI | 74.0, 74.4 | 74.20 |
ST33TPHF20SPI | 74.8, 74.16 | 74.64 |
ST33TPHF20I2C | 74.5 | 74.21 |
ST33TPHF20I2C | 74.9 | 74.65 |
The TPM products and firmware not listed are not affected.
CVE Identifier: CVE-2019-16863.
