Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Article Number: 000177719


DSA-2020-021: Dell Client Platform Security Update Advisory for STMicroelectronics' Trusted Platform Module (TPM)

Summary: Dell Client Consumer and Commercial Platforms require a security update to address STMicroelectronics' TPM vulnerabilities.

Article Content


Impact

Medium

Details

Updates are available to address the following security vulnerabilities.

  • CVE-2019-16863

 

We encourage customers to review STMicroelectronics’ advisory for further information:

Information on ST's TPM firmware update – ECDSA signature generation

 

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm. To search for a particular CVE, use the database’s search utility at http://web.nvd.nist.gov/view/vuln/search.

Updates are available to address the following security vulnerabilities.

  • CVE-2019-16863

 

We encourage customers to review STMicroelectronics’ advisory for further information:

Information on ST's TPM firmware update – ECDSA signature generation

 

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm. To search for a particular CVE, use the database’s search utility at http://web.nvd.nist.gov/view/vuln/search.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Affected products:

Dell Client Consumer and Commercial Platforms (see Resolution section below for complete list of affected products).

Remediation:
 

The following TPM firmware version contains a resolution to this vulnerability:

  • Dell TPM 2.0 Firmware versions 74.64 and newer

 

Download and install the latest firmware version from:https://www.dell.com/support/home/en-us?app=drivers

Dell recommends all customers update at the earliest opportunity.

Dell Client Consumer and Commercial Products Affected:

Product

Release Date (MM/DD/YYYY)

Latitude 3400

1/7/2020

Latitude 3500

1/7/2020

Latitude 7400 2-in-1

1/7/2020

Latitude 5401

1/7/2020

Latitude 5501

1/7/2020

Precision 3540

1/7/2020

Latitude 7300

1/7/2020

Latitude 7400

1/7/2020

Latitude 5300

1/7/2020

Latitude 5400

1/7/2020

Latitude 5500

1/7/2020

Precision 3541

1/7/2020

Latitude 5300 2-IN-1

1/7/2020

Latitude 7200 2 in 1

1/7/2020

XPS 7390 2-in-1

1/7/2020

 

Affected products:

Dell Client Consumer and Commercial Platforms (see Resolution section below for complete list of affected products).

Remediation:
 

The following TPM firmware version contains a resolution to this vulnerability:

  • Dell TPM 2.0 Firmware versions 74.64 and newer

 

Download and install the latest firmware version from:https://www.dell.com/support/home/en-us?app=drivers

Dell recommends all customers update at the earliest opportunity.

Dell Client Consumer and Commercial Products Affected:

Product

Release Date (MM/DD/YYYY)

Latitude 3400

1/7/2020

Latitude 3500

1/7/2020

Latitude 7400 2-in-1

1/7/2020

Latitude 5401

1/7/2020

Latitude 5501

1/7/2020

Precision 3540

1/7/2020

Latitude 7300

1/7/2020

Latitude 7400

1/7/2020

Latitude 5300

1/7/2020

Latitude 5400

1/7/2020

Latitude 5500

1/7/2020

Precision 3541

1/7/2020

Latitude 5300 2-IN-1

1/7/2020

Latitude 7200 2 in 1

1/7/2020

XPS 7390 2-in-1

1/7/2020

 

Related Information


Article Properties


Affected Product

Laptops, Alienware, Latitude, XPS

Last Published Date

22 May 2021

Article Type

Dell Security Advisory