Meltdown and Spectre are hardware vulnerabilities that allow programs to access to reserved memory in computers and servers.
Meltdown exploits a race condition, inherent in the design of many modern CPUs. This occurs between memory access and privilege checking during instruction processing. Additionally, combined with a cache side-channel attack, this vulnerability allows a process to bypass the normal privilege checks that isolate the exploit process from accessing data belonging to the operating system and other running processes. The vulnerability allows an unauthorized process to read data from any address that is mapped to the current process' memory space.
https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)
Spectre is a vulnerability that affects modern microprocessors that perform branch prediction. On most processors, the speculative execution resulting from a branch misprediction may leave observable side effects that may reveal private data to attackers.
https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)
Endian Products Affected and How to Protect
Endian Appliances are using CPUs that are vulnerable to Meltdown and Spectre, but in order to use this exploit, a hacker would need to get physical access to the system using different vulnerabilities, making the probability of exploiting this security issue very low.
Endian IPS signatures are able to detect the related CVE's and exploit sample code you can find on the Spectre and Meltdown whitepapers. Endian strongly suggests to keep your maintenance active in order to automatically get new signatures and security fixes against this (and similar) kinds of issues.
CVE about this vulnerability
Comments