Meltdown and Spectre
Vulnerability details
Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer.
Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.
Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets.
Impacted products
| Products | Severity | Detail |
|
Stormshield Network Security
|
low |
SNS uses a vulnerable version of processor |
|
Fast360
|
low |
FAST appliances are shipped with a vulnerable version of CPUs |
|
Netasq
|
low |
Netasq appliances are shipped with a vulnerable version of CPUs |
Revisions
| Version |
Date |
Description |
| v1 |
01/05/2018 |
Initial release |
| v2 |
01/05/2018 |
Add information for virtual SNS |
| v3 |
01/16/2018 |
Add status for Fast and Netasq appliances |
| v4 |
01/19/2018 |
Add SNS, Netasq and Fast solution |
Stormshield Network Security |
CVSS v2 Overall Score: 3.1 
|
Analysis
|
Impacted version
|
|
These vulnerabilities could allow an attacker with a local access (ability to run on SNS his own code or script) to the appliance to leak sensitive information.
Those vulnerabilities are useless for an attacker who already have administrator access because an administrator is the highest privileges on the appliance.
It also means that those vulnerabilities aren’t useful for an external attacker to get local access to an SNS appliance.
Concerning virtual appliances or administration tools like Stromshield Visibility Center or Stormshield Management Center you should ensure your hypervisor is up to date.
|
- SN510
- SN710
- SN910
- SN2000
- SN3000
- SN6000
|
Workaround solution
|
Solution
|
|
Keep your appliances updated in order to limit the exploitation of other vulnerabilities that could let an attacker exploit the Meltdown and Spectre vulnerabilities in order to get higher privileges.
|
As stated in the analysis, the meltdown and spectre vulnerabilities require a local access to the appliance. The only user being able to run code on the appliance is the administrator who already has the highest privileges. Consequently, SNS users are not put at risk and no fix needs to be applied.
|
| Access vector |
Access complexity |
Authentication |
Confidentiality impact |
Integrity impact |
Availability impact |
| Local |
Low |
Single |
Complete |
None |
None |
| Exploitability |
Remediation Level |
Report Confidence |
| Proof of concept code |
Unavailable |
Confirmed |
| Collateral Damage Potential |
Target Distribution |
| None |
Medium [26-75%] |
Fast360 |
CVSS v2 Overall Score: 3.1
|
Analysis
|
Impacted version
|
|
These vulnerabilities could allow an attacker with a local access to the appliance to leak sensitive information.
Those vulnerabilities are useless for an attacker who already have administrator access because an administrator is the highest privileges on the appliance.
It means that those vulnerabilities are only useful for an attacker exploiting another old vulnerability on the appliance.
Consequently, it is highly recommended to keep your appliances updated.
|
|
Workaround solution
|
Solution
|
|
Keep your appliances updated in order to limit the exploitation of other vulnerabilities that could let an attacker exploit the Meltdown and Spectre vulnerabilities in order to get higher privileges.
|
As stated in the analysis, the meltdown and spectre vulnerabilities require a local access to the appliance. The only user being able to run code on the appliance is the administrator who already has the highest privileges. Consequently, Fast users are not put at risk and no fix needs to be applied.
|
| Access vector |
Access complexity |
Authentication |
Confidentiality impact |
Integrity impact |
Availability impact |
| Local |
Low |
Single |
Complete |
None |
None |
| Exploitability |
Remediation Level |
Report Confidence |
| Proof of concept code |
Unavailable |
Confirmed |
| Collateral Damage Potential |
Target Distribution |
| None |
Medium [26-75%] |
Netasq |
CVSS v2 Overall Score: 3.1
|
Analysis
|
Impacted version
|
|
These vulnerabilities could allow an attacker with a local access to the appliance to leak sensitive information.
Those vulnerabilities are useless for an attacker who already have administrator access because an administrator is the highest privileges on the appliance.
It means that those vulnerabilities are only useful for an attacker exploiting another old vulnerability on the appliance.
Consequently, it is highly recommended to keep your appliances updated.
|
|
Workaround solution
|
Solution
|
|
Keep your appliances updated in order to limit the exploitation of other vulnerabilities that could let an attacker exploit the Meltdown and Spectre vulnerabilities in order to get higher privileges.
|
As stated in the analysis, the meltdown and spectre vulnerabilities require a local access to the appliance. The only user being able to run code on the appliance is the administrator who already has the highest privileges. Consequently, Netasq users are not put at risk and no fix needs to be applied.
|
| Access vector |
Access complexity |
Authentication |
Confidentiality impact |
Integrity impact |
Availability impact |
| Local |
Low |
Single |
Complete |
None |
None |
| Exploitability |
Remediation Level |
Report Confidence |
| Proof of concept code |
Unavailable |
Confirmed |
| Collateral Damage Potential |
Target Distribution |
| None |
Medium [26-75%] |
