Question

Are ANY of your hosting services vulnerable to the following exploit? https://www.ssh.com/vulnerability/intel-amt

Posted May 7, 2017 1.7k views
Security

Additional links:
https://nvd.nist.gov/vuln/detail/CVE-2017-5689
http://www.kb.cert.org/vuls/id/491375

Add a comment
guideloom
By:
guideloom
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

3 answers
jtittle1 May 7, 2017

@guideloom

I’d submit a ticket to the support team to confirm, though from looking at the Droplets and the info on the CPU’s, it doesn’t look like those solutions are enabled.

At the core, the platform team would need to confirm, or perhaps @ryanpq can do so here.

Reply Report
ryanpq May 7, 2017

I don’t have a lot of detail to share but I did check in on this issue with our ops team earlier in the week. They have reported that while we are continuing to track this issue internally we do not believe that this issue presents any risk to our users.

Reply Report
  • guideloom May 8, 2017

    Thanks for the reply. Understandably it can be somewhat onerous to check, but there is a difference between “we do not believe that this issue presents any risks” and “we have confirmed that this issue does not present any risks”. The first is we are not sure, and the second confirms you have tested and can categorically state that your users are safe.

    I’d like a confirmation that we are safe if possible.

    Reply Report
redsmeg68 September 27, 2018

They sent us an email about how there was a vulnerability but that individual VM’s could not be targeted (the memory leak one) but we haven’t heard anything since.

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help