You need to see DPS gear in action. Get a live demo with our engineers.
Download our free Monitoring Fundamentals Tutorial.
An introduction to Monitoring Fundamentals strictly from the perspective of telecom network alarm management.
Have a specific question? Ask our team of expert engineers and get a specific answer!
Sign up for the next DPS Factory Training!
Whether you're new to our equipment or you've used it for years, DPS factory training is the best way to get more from your monitoring.Reserve Your Seat Today
Jan. 15, 2018
Recently, vulnerabilities in the Intel remote administration feature known as the Management Engine (ME) have been discovered by several independent research groups. The nature of the Intel ME, mixed with what are being called Meltdown Spectre vulnerabilities, could allow remote attackers to gain full control of a targeted computer.
The intended purpose of the Intel-based chip sets with ME enabled was to allow administrators remote access to PCs. They could remotely manage and repair workstations, PCs, and servers within their network, even with the device turned off (as long as it is connected to power and the network).
Unfortunately, Meltdown Spectre vulnerabilities discovered by the research groups allow attackers to also remotely access devices through ME. ME has complete access to most all data on the computer, including its system memory and network adapters. Exploitation of this would allow attackers to execute malicious code on the device and completely compromise the platform.
While RTU manufacturer DPS Telecom uses similar chips in its products, extensive research has been done to be sure that these products are not affected by this security flaws. NetGuardian, NetDog, and TempDefender RTUs have been confirmed with the chip manufacturers to be immune to Meltdown Spectre vulnerabilities.
Similarly, T/Mon products, including T/Mon LNX, T/Mon MINI, and T/Mon SLIM have also been confirmed immune using the manufacturer's diagnostic tool.
While DPS equipment is safe from Meltdown Spectre vulnerabilities, it is important to verify the same for the rest of your network. If the data from DPS products interface with a server or other devices that are vulnerable, it could create a security breach.
If you think your system may be affected, you may consider the following steps: