Security comes first at Bomgar, and we continually monitor publicly known cybersecurity vulnerabilities, or CVEs (Common Vulnerabilities and Exposures).
At this time, we are actively following CVEs for "Meltdown" and "Spectre", which are CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754.
Meltdown (CVE-2017-5754) breaks the mechanism that keeps applications from accessing arbitrary system memory. Consequently, applications can access system memory.
Spectre (CVE-2017-5753, CVE-2017-5715) tricks other applications into accessing arbitrary locations in their memory. Both attacks use side channels to obtain the information from the accessed memory location.
These vulnerabilities allow an unprivileged malicious process to read system memory. While there is no known vector that would allow an attacker to run code on the Bomgar Appliance, we advise taking the following action for Virtual Appliances running on their respective hosts:
For any additional questions, contact the Bomgar support team!
Share this post:
As Product Manager, Jonas works with a variety of stakeholders in the product development lifecycle to help drive product direction and enhancements. Jonas brings more than a decade of experience to Bomgar in various aspects of applications development, systems engineering and product management. Prior to joining Bomgar, Jonas was a systems engineer at a large life insurance company. He received his MBA with a concentration in Management Information Systems from Mississippi College.
Stay Up To Date
Get the latest news, ideas, and tactics from Bomgar You may unsubscribe at any time.