VU#584653 Vulnerability - Security Advisory TWA SEC 3654

Date: January 5, 2018

A new class of issues have been identified in common CPU architectures. The presently known issues could allow unprivileged code to read privileged memory locations.

TCPWave is analyzing the potential impact of these issues across its product range. This bulletin will be updated as further information becomes available on the impacts of these issues and their variants.

Please note that, although these are issues in the underlying processor hardware, TCPWave intends to provide software updates, together with our partners, to mitigate these issues where practical.

Please review the following sections for information on your specific TCPWave products. This bulletin will be updated as more information becomes available. Customers can receive e-mail notifications about updated or new security bulletins by subscribing to our newsletter.

Products that we believe are not impacted:
  • TCPWave Physical Remote Master DNS, Slave DNS, Cache DNS and, DHCP appliances (Models: SL0983 and SL0984): TCPWave believes that currently supported versions of TCPWave remote DNS/DHCP appliances that deliver network services are not impacted by the presently known variants of these issues.
  • TCPWave remote DNS/DHCP appliances on VMWare (SL0983 and SL0984): TCPWave believes that currently supported versions of TCPWave DNS/DHCP virtual appliances on VMWare are not impacted by the presently known variants of these issues.
Products that may require Third Party updates:
  • TCPWave Remote DNS Appliances in AWS / Azure / Google Cloud / IBM Softlayer: TCPWave believes that currently supported versions of the TCPWave DNS Appliances in the Cloud providers such as Amazon AWS, Google Cloud, Microsoft Azure and IBM Softlayer are not impacted by presently known variants of these issues. However, it is probable that the underlying operating system, drivers and CPU firmware will require updating.
Products that we believe are impacted:
  • TCPWave IPAM with multiuser command line SSH access: TCPWave believes that currently supported versions of TCPWave IPAM are not at risk from malicious network traffic. However, in light of these issues, TCPWave strongly recommends that customers only deploy TCPWave IPAM instances on physical or virtual appliances where the TCPWave IPAM administrators are trusted.
What TCPWave Is Doing
  • TCPWave is notifying customers and channel partners about this potential security issue. TCPWave is actively working with Dell to see if a BIOS update to the Dell hardware is applicable to mitigate this exploit.
Obtaining Support on This Issue
  • If you require technical assistance with this issue, please contact TCPWave Technical Support. Contact details for TCPWave Technical Support and emergency are available at http://www2.tcpwave.com
Reporting Security Vulnerabilities
  • TCPWave welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to TCPWave, please contact your local TCPWave Account Manager.