Notice on CPU Vulnerabilities - Meltdown and Spectre

Amaro (Italy), March 9th, 2018Eurotech, a leading provider of embedded systems, Machine-to-Machine (M2M) platforms and Internet of Things (IoT) solutions, is sending this communication to provide information to its customers on the security issues known as “Meltdown” and “Spectre”.

On January 3rd, 2018 reports on these CPU security vulnerabilities were made public: the issues exploit the implementation of certain hardware features present in many modern CPUs from multiple manufacturers.

A description of the vulnerability and its variants (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) including references to the reports and more technical details can be found here: https://meltdownattack.com/

Eurotech is currently investigating if its products could be affected by these vulnerabilities and to what extent.

As of now, Eurotech is not aware of any data or security breach to any of our customers. According to the early reports, malicious code needs to run on the device in order to exploit the vulnerabilities. Properly hardened devices are therefore less subject to this exploit as they prevent the infection with malware software. Eurotech continues to recommend its customers to follow strict hardening guidelines before deploying devices in production and, in particular, to leverage its Eurotech’s Everyware Software Framework (ESF) which provides an intrinsic mitigation of the issues, since they would not run any application that is not digitally signed by the customer.

Eurotech is actively monitoring the evolution of the situation and stays in close contact with CPU manufacturers and Operating System developers for updates and security patch implementations.

Regarding Eurotech’s Everyware IoT Cloud service, we can confirm that all the relevant remediation steps have been taken by Eurotech and its partners to mitigate the risks derived from these vulnerabilities and we are continuing to monitor the evolution of these vulnerability and its mitigation strategies.

Eurotech support team is committed to help customers who are seeking for further advice or information.

To contact Eurotech Support please visit https://www.eurotech.com/en/support


download:
ETH20180903_CS_en.pdf : .pdf 0.3 MB Notice on CPU Vulnerabilities - Meltdown and Spectre


This site uses technical or similar cookies and third parties profiling cookies in aggregate form to improve your navigation experience and the use of the site. If you want to know more or opt out of some cookies consult our cookies extended policy.
By closing this banner or continuing navigation in any other way, you allow the use of cookies.