DSA-2021-161: Dell PowerEdge Server Security Update for a Trusted Platform Module (TPM) 2.0 Firmware Vulnerability
Summary: Dell PowerEdge Server remediation is available for a vulnerability in the Nuvoton NPCT75x Trusted Platform Module (TPM) 2.0 firmware version 7.2.1.0 that may be exploited by malicious users to compromise the affected system. ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
Medium
Details
| Third-party Component | CVE | More information |
| Trusted Platform Module 2.0 (Firmware 7.2.1.0) | CVE-2020-25082 | https://www.nuvoton.com/support/product-related-information/security-advisories/sa-002/ |
| Third-party Component | CVE | More information |
| Trusted Platform Module 2.0 (Firmware 7.2.1.0) | CVE-2020-25082 | https://www.nuvoton.com/support/product-related-information/security-advisories/sa-002/ |
Affected Products & Remediation
| Product | Affected Versions | Updated Versions or later | Link to Update |
| R6525 and R7525 | 7.2.1.0 | 7.2.2.0 | https://www.dell.com/support/home/drivers/driversdetails?driverid=v187j |
| C6525 | 7.2.1.0 | 7.2.2.0 | https://www.dell.com/support/home/drivers/driversdetails?driverid=k9y88 This will download a version of the BIOS that will update the TPM firmware |
| XE8545 | 7.2.1.0 | 7.2.2.0 | Link will be updated once available. This will download a version of the BIOS that will update the TPM firmware |
| T40 | 7.2.1.0 | 7.2.2.0 | https://www.dell.com/support/home/en-us/product-support/product/poweredge-t40/drivers |
To determine the TPM firmware version used on your system, see KB article 190411: Dell PowerEdge Server: How to Tell Which TPM Firmware is Being Used on 15G Server Products.
Notes:
BIOS updates require a reboot for installation and a scheduling maintenance window is recommended to perform the BIOS update.
The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
| Product | Affected Versions | Updated Versions or later | Link to Update |
| R6525 and R7525 | 7.2.1.0 | 7.2.2.0 | https://www.dell.com/support/home/drivers/driversdetails?driverid=v187j |
| C6525 | 7.2.1.0 | 7.2.2.0 | https://www.dell.com/support/home/drivers/driversdetails?driverid=k9y88 This will download a version of the BIOS that will update the TPM firmware |
| XE8545 | 7.2.1.0 | 7.2.2.0 | Link will be updated once available. This will download a version of the BIOS that will update the TPM firmware |
| T40 | 7.2.1.0 | 7.2.2.0 | https://www.dell.com/support/home/en-us/product-support/product/poweredge-t40/drivers |
To determine the TPM firmware version used on your system, see KB article 190411: Dell PowerEdge Server: How to Tell Which TPM Firmware is Being Used on 15G Server Products.
Notes:
BIOS updates require a reboot for installation and a scheduling maintenance window is recommended to perform the BIOS update.
The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Revision History
| Revision | Date | Description |
| 1.0 | 2021-08-10 | Initial release |
Related Information
Legal Disclaimer
Affected Products
PowerEdge C6525, PowerEdge R6525, PowerEdge R7525, PowerEdge T40, PowerEdge XE8545, Product Security InformationArticle Properties
Article Number: 000190343
Article Type: Dell Security Advisory
Last Modified: 01 Sep 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.