Overslaan naar hoofdinhoud

GarrettCom Statement Regarding Spectre and Meltdown Vulnerabilities - Kennisbank / Products - GarrettCom Support Center

GarrettCom Statement Regarding Spectre and Meltdown Vulnerabilities

GarrettCom, Hirschmann and Tofino products are NOT affected by CVE-2017-5753 and CVE-2017-5715
(known as Spectre) or CVE-2017-5754 (known as Meltdown). These vulnerabilities take advantage of the
implementation of speculative execution of instructions on many modern microprocessor architectures to
perform side-channel information disclosure attacks. In order to exploit any of these vulnerabilities, an
attacker must be able to run crafted code on a vulnerable device. GarrettCom, Hirschmann and Tofino
products are closed systems which do not allow customers to run custom code on the device, thus even if
the underlying CPU and Operating System combination in a product may be affected by these
vulnerabilities, the products are not affected because the attack cannot be carried out.