Meltdown/Spectre Processor Chip Vulnerability
January 8, 2018
On January 4th, Intel and others announced the Meltdown and Spectre (CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754) set of vulnerabilities. Meltdown and Spectre are two vulnerability techniques researchers have discovered that exploit a flaw in computer processors. These vulnerabilities could allow malicious code to gain access to higher-privileged processes and data in memory across multiple operating systems. These vulnerabilities are not exclusive to Beckman Coulter or medical devices. Early public reports indicate that this vulnerability issue potentially affects every processor-based computer and/or electronic device that has been manufactured over the last 5 to 10 years.
Beckman Coulter is aggressively evaluating the potential risk and cybersecurity vulnerability profiles of both our software solutions and instrument software products. Beckman Coulter is focusing our investigation on products that have a direct network connection because any attack would require local or physical access to exploit the identified vulnerabilities. Accordingly, Beckman Coulter has determined the potential risk to be low-impact for products that are not networked or are behind a firewall. Beckman Coulter will perform validation and verification of any applicable patches. Any patches required for networked devices will be released per Beckman Coulter’s specific product update and patching policy.