Infineon Technologies, one of Yubico's secure element vendors, informed us of a security issue in their firmware cryptographic libraries. The issue affects TPMs in millions of computers, and multiple smart card and security token vendors.
This page provides information to help you determine whether you are affected, and how to address this issue. For Yubico this issue weakens the strength of on-chip RSA key generation, and affects some use cases for the Personal Identify Verification (PIV) smart card and OpenPGP functionality of the YubiKey 4 platform. Yubico has issued a security advisory on this issue.
formatting link