Privilege Escalation Vulnerability

utimaco LAN V5 3Utimaco has been made aware of a vulnerability affecting the Windows installations of some of our products.

This vulnerability could allow for an attacker to escalate Windows privileges from a standard “Authenticated User” to that of an Administrator or SYSTEM. The firmware of your Hardware Security Modules is not affected though.

Please consult the linked advisory for the details of this vulnerability, and check whether you are affected. We have published an updated SecurityServer product CD and a patch in our support portal under Support -> Downloads. Login to the support portal is required.

Download Security Advisory Document

Download HotFix Patch

This issue has been reserved in the Common Vulnerabilities and Exposures list as CVE-2020-26155. It will be published end of January 2021. Do not disclose this vulnerability before its publication on the CVE website to give all affected customers due time for fixing their installations.

News

Utimaco CP5 VS-NfD Classified as EU RESTRICTED

Utimaco frontUtimaco CP5 VS-NfD hardware security module (HSM) has been successfully approved by the EU Council and is now being classified as RESTREINT UE/EU RESTRICTED.

Read more ...

Borzen with Utimaco HSM

Utimaco frontSlovenian company Borzen, a power market operator, has chosen to use quality hardware security module (HSM) from Utimaco for protection and management of cryptographic keys.

Read more ...

New Release of Atalla AT1000 HSM (8.40)

u.trust 360The Utimaco Atalla Team has announced the release of the Atalla AT1000 hardware security module (HSM) version 8.40.

Read more ...

u.trust 360 - Remote Monitoring and Management of HSMs

u.trust 360With the Utimaco u.trust 360 administration platform you can remotely access your Atalla HSMs for real-time monitoring, configuration or reporting purposes on premises or in the cloud.

Read more ...

Technical Training for Utimaco HSM

utimaco LAN V5 4CREAplus, authorized Utimaco training partner, is going to deliver an online hands-on technical training for Utimaco HSM, on 4-5 February 2021.

Read more ...