浏览常见问题解答

UPDATED: 10-JAN-2018 | Security Notification: "Meltdown" (CVE-2017-5754) and "Spectre" (CVE-2017-5753 & CVE-2017-5715)​ - impact to APC products

发布日期: 12 September 2020

Issue
Do the "Meltdown" (CVE-2017-5754) and "Spectre" (CVE-2017-5753 & CVE-2017-5715) vulnerabilites impact APC products?


Product Line
  • Including but not limited to:
    • StruxureWare Data Center Expert (DCE)
    • StruxureWare Data Center Operation (DCO)
    • NetBotz Appliances
    • APC Network Management Cards
    • PowerChute Network Shutdown
    • PowerChute Business Edition
    • PowerChute Personal Edition
    • 1ph and 3ph UPS


Cause
Schneider Electric has become aware of two side channel attacks that leverage critical vulnerabilities in a wide range of computer CPU. These vulnerabilities have been named Spectre and Meltdown. Spectre tricks other applications into accessing arbitrary locations in their memory. Meltdown breaks the mechanism that keeps applications from accessing arbitrary system memory. There have been no known exploits in the wild.

Resolution

Schneider Electric is actively monitoring vendor research into these vulnerabilities to determine appropriate actions to be taken. For the most up to date information and disclosure from the Schneider Electric Product Security Office, please visit this URL where the disclosure will be continuously updated, as needed: https://www.schneider-electric.com/en/download/document/SEVD-2018-005-01/

Update (10-JAN-2018): Product specific information is available at the following URL and the disclosure will also be continuously updated as new information becomes available specific to our product offers: https://www.schneider-electric.com/en/download/document/SEVD-2018-010-01/ 

For any additional questions, please contact your Schneider Electric representative or local technical support team.

 

对您是否有帮助?

我们如何进行信息改进?

找不到您查找的内容?

请联系我们的客户团队,获取有关技术支持、投诉帮助等的信息。