Perle Meltdown and Spectre Vulnerability Disclosure
The Meltdown vulnerability allows an attacker to bypass the hardware barriers between memory and applications running on the computer, which can allow an attacker to access data, passwords and crypto-keys.
The Spectre vulnerability breaks the isolation between applications that otherwise would be deemed error-free programs. This induces a program to leak its secrets and data using other processes within the memory to access the application.
To exploit any of these vulnerabilities, an attacker must be able to run crafted code on an affected device. Although the underlying CPU and operating system combination in a product may be affected by these vulnerabilities, the majority of Perle products are closed systems that do not allow customers to run custom code on the device, and thus are not vulnerable. There is no vector to exploit them.
Perle IOLAN Serial Terminal Servers are, by default, closed systems. However, they are considered potentially vulnerable if a user has written and installed their own custom code, using the Perle Software Development Kit, that allows an unprivileged local attacker to take advantage of speculative execution instructions on modern microprocessor architectures to perform side-channel information disclosure attacks.
Perle recommends customers review Device Plug-ins that they have written and installed, using the Perle SDK, for vulnerabilities. If you are using a Device Plug-in supplied by Perle the system is closed and therefore not vulnerable.
About Perle Systems - www.perle.com
Perle Systems is a leading developer, manufacturer and vendor of high-reliability and richly featured connectivity and device networking products. These products are used to connect remote users reliably and securely to central servers for a wide variety of business applications. Product lines include Console Servers for Data Center Management, Terminal Servers, Device Servers, Remote Power Switches, Media Converters, Ethernet I/O, Serial Cards, Parallel Cards and Multimodem Cards. Perle distinguishes itself through extensive networking technology, depth of experience in major real-world network environments and long-term distribution and VAR channel relationships in major world markets. Perle has offices in 9 countries in North America, Europe and Asia and sells its products through distribution and OEM/ODE channels worldwide.
830 Fesslers Parkway, Suite 108
Nashville, TN 37210
Julie Mc Daniel
This release was published on openPR.
Permanent link to this press release:
Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.
You can edit or delete your press release Perle Meltdown and Spectre Vulnerability Disclosure here
News-ID: 898455 • Views: 851
More Releases from Perle Systems
Perle launches Modular Console Servers for In-Band and Out-of-Band-Management
Support for up to 50 USB and RS232 Console Ports, redundant copper and fiber Ethernet network access, WiFi network access and a V.92 modem connection NASHVILLE, TN—October 30th, 2018 — Perle Systems, a global provider of advanced serial to Ethernet and device networking hardware, today released the IOLAN SCG Secure Console Servers as an advanced IT Infrastructure Management Solution. Most devices today can be accessed directly over an Ethernet network. However,
Does name dropping…(Broadcom)…work?
If I tell you that Broadcom uses my product in their R&D labs, do you care? Broadcom has been a Fortune 500 company since 2009. They employ 11,750 people worldwide in more than 15 countries. Their turnover in 2017 was $17.636 billion. Broadcom chips are used in smartphones, data storage gear, set-top boxes and networking hardware. Customers include Apple, Samsung Electronics, Hewlett Packard Enterprise, Dell, AT&T and Cisco. Heck, according
Creating High-Speed Internet Access across a Mountaintop, over 12 Inches of Radi …
You know the feeling when you find yourself in a remote area of the country and the internet access is…umm… ”slow”, is the nice word. You can access your email and perhaps see what is going on in the world of social media but, streaming a video, having a video conference or downloading large files is not going to reliably happen. Well, if this problem can be solved at a
“Laptops do weird things at -60°F”
If I ever find myself in the remote Alaskan interior, I would like to meet Mike Spooner, Telecom and Infrastructure Technician at the Sumitomo Pogo Mine. Why? This man is a story teller. A good story teller. So good, that he can make a story about setting up a networked virtual serial port extremely entertaining. Okay, I sense your doubt, and I don’t blame you. There can’t possibly be anything more
More Releases for Meltdown
DEV Systemtechnik Devices Not Vulnerable to Meltdown and Spectre Malware
DEV Systemtechnik (www.dev-systemtechnik.com), supplier of RF signal transmission solutions for satellite, cable and broadcast applications, announced that its products do not use the type of CPU processors that are vulnerable to Meltdown and Spectre malware. It was recently reported that several popular types of CPUs commonly used in computers, phones, and tablets were discovered to have security flaws. The flaws could allow hackers to read out sensitive data
The nightmare after Festive Season (and Meltdown, and Spectre)
In the last few months of 2017, security companies made their own forecasts about incoming cyberthreats and the measures that needed to be taken to ensure a better and cybersafer 2018, often advocating the use of protective software tools made by that vendor. Lo and behold! 2018 started with a scenario hardly anyone could have foreseen.Two serious design vulnerabilities in CPUs were exposed that make it possible, although not
How we managed Meltdown and Spectre to protect our customers
On January 3rd, 2018, the public was notified about two security vulnerabilities dubbed Meltdown and Spectre by researchers, that affected any Intel, AMD or ARM processor created in the last 20 years. These vulnerabilities could potentially allow an attacker to obtain access to sensitive information. Spectre attacks take advantage of a CPU's branch prediction capabilities. The impact is that a process may leak sensitive data to other processes on
The Analyst who predicted the 2008 Global Meltdown now Warns Investors!
MEDIA ALERT! MARKET PLUNGE PREDICTED! Today the stock market had the sharpest decline of the year. This came at a time that optimism by analysts was near multi-year highs. Did any analyst foresee the plunge? Global market authority Bert Dohmen did! Once again he called the market top within one day. He is one of the analysts who predicted the 2008 global crisis, in his book, PRELUDE TO MELTDOWN, written in
Eric Cantona Financial Meltdown – The Revolution
Eric Cantona, infamous for his kung fu kicking ability, has now aimed a punch squarley at the Banks. (You may remember him playing football for a little known team in Manchester). In a recent video on Youtube “King Eric” suggests the way to start a revolution is not on the streets, but instead through everyone withdrawing their money from the banks. It’s actually quite a scary thought. We have already seen what
EmpXtrack Team Growing amid Global Recession and Meltdown
Saigun Technologies announced that amidst the recession it is growing at a constant pace and recruiting according to its Recruitment Targets set at the beginning of year 2008. Saigun conducted an Open House Recruitment Session to recruit employees for various departments. Open house was attended by 50 candidates from premium educational institutions like Amity University. Saigun's President Tushar Bhatia who was directly involved in the Open House process said, “The