KB Article | Forcepoint Support

Problem Description

KB 14933 provides a description of the Meltdown and Spectre Vulnerabilities CVE-2017-5715, CVE-2017-5753, CVE-2017-5754.
This article provides additional information specific to the Forcepoint NGFW product.
 
Vulnerability risk
The Meltdown and Spectre attacks are not a remote compromise against the Forcepoint NGFW firewall. These vulnerabilities have no direct impact on the NGFW and very little indirect impact.
 
The Meltdown vulnerability allows a local user with normal user privileges to read kernel memory via a specially crafted exploit program. The Forcepoint NGFW firewall is not a general-purpose system and only trusted administrators should have local user accounts.

Resolution

Information About Fixes
 
The following table displays the planned schedule for fixes:
 
 NGFW 5.10NGFW 6.2NGFW 6.3NGFW 6.4
CVE-2017-5715
Spectre
No fix plannedNo fix plannedFix scheduled for 6.3.3 in March 2018Fix included with 6.4.0 release in February 2018
CVE-2017-5753
Spectre
No fix plannedNo fix plannedFix scheduled for 6.3.3 in March 2018Fix included with 6.4.0 release in February 2018
CVE-2017-5754
Meltdown
No fix plannedNo fix plannedFix scheduled for 6.3.3 in March 2018Fix included with 6.4.0 release in February 2018
If you are running NGFW on third-party hardware or virtual appliances (Vmware, KVM, AWS, ESXi, Azure, Hyper-V, etc.), please work with your hardware and OS/Hypervisor vendors to determine vulnerability status.
 

Notes & Warnings


 

Article Feedback



Thank you for the feedback and comments.