Displaying present location in the site.

NEC Storage Products:
About Mitigating Processor Vulnerability (Side-channel Attack)

NEC Storage Products:
About Mitigating Processor Vulnerability (Side-channel Attack)


Published: February 9, 2018

Thank you for your continued patronage for NEC Storage products.
Regarding the vulnerability issue of processors with the speculative execution or out of order execution function which has been detected by the third party organization and notified by a number of research institutions and corporations, we would like to inform you of the following announcement. 

NEC Storage products are not affected by the vulnerability issue. In order to exploit the vulnerabilities, it is necessary to execute the malicious code on the targeted system(s) but NEC Storage products do not allow the execution of external code. As a result, these products are protected from exploitation of the security vulnerabilities.

Information on the Vulnerability

  • If the vulnerabilities pointed out this time (CVE-2017-5715、CVE-2017-5753、CVE-2017-5754) are exploited to make an attack, the memory data in the affected products could be illegally obtained.
  • If the malicious program is not executed on the system, the system cannot be affected by the attack exploiting those vulnerabilities.
  • There is no possibility of data falsification exploiting the vulnerability.

Relevant information:

CERT/CC Vulnerability Note VU#584653
    CPU hardware vulnerable to side-channel attacks
    https://www.kb.cert.org/vuls/id/584653 

Press release published by Intel Corporation
    Security Exploits and Intel Products
    https://newsroom.intel.com/press-kits/security-exploits-intel-products

Confirmed Products of NEC Storage

It is confirmed that the following NEC Storage products are not affected by the security vulnerability issue.

SAN Products

M Series (including NAS gateway option)
D Series *

S Series *
Fibre Channel Switch Products WB Series
NAS Product

NV Series *

Ne Series *
Backup & Archive Products HS Series (HYDRAstor)
Tape Storage Products  
 

* Discontinued products