Security Advisory Detail

Foreshadow Speculative Execution Attacks

Advisory ID: WGSA-2018-00001
CVE: CVE-2018-3646, CVE-2018-3620, CVE-2018-3615
Impact: Medium
Status: Acknowledged
Product Family: Firebox, Dimension
Published Date:
Updated Date:
Workaround Available: True
CVSS Score: 5.6
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Summary

On 14 August 2018, security researchers at KU Leuven in Belgium, Technion in Israel, and several other educational institutions disclosed multiple vulnerabilities found in most modern Intel processors using a feature known as Software Guard Extensions (SGX). This vulnerability could allow a malicious application to read arbitrary virtual memory regardless of security boundaries. Similar to the previously identified Meltdown and Spectre attacks, this vulnerability allows an attacker to read the protected memory of other applications, such as password managers and cryptographic key storage. The above-mentioned researchers named this vulnerability Foreshadow (CVE-2018-3646, CVE-2018-3620 and CVE-2018-3615).

All modern Intel processors in the Core Skylake and Kaby Lake processor families are impacted by the Foreshadow attack. Other (non-Intel) processors are likely not impacted because they lack the SGX feature.

Affected

WatchGuard Firebox and XTM Appliances

WatchGuard Firebox and XTM appliances use a mixture of Intel and NXP (Freescale) processors and are potentially affected by Foreshadow to varying degrees. However, we believe that the practical impact of these vulnerabilities is low, because the XTM and Firebox appliances do not allow the arbitrary code execution required for exploitation.

Despite the low impact of this issue on our products, WatchGuard Engineering is analyzing patch options for these flaws. However, because of the nature of the processor issue, many OS and industry updates may degrade performance to a noticeable degree. We are fully analyzing all of these impacts before releasing our updates. In the meantime, you can rest assured that these flaws pose a low enough impact on our devices that attackers cannot exploit them unless they first find a much more severe flaw in our system.

WatchGuard Dimension

WatchGuard Dimension runs as a guest virtual machine on a hypervisor. Depending on the hypervisor system architecture, WatchGuard Dimension may be affected by this vulnerability. Check with your hypervisor vendor for applicable security patches.
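For a Dimension guest on a Linux-based hypervisor host, the quickest way to confirm that the hypervisor vendor's patches are actually in effect is to read the host kernel's own L1TF (Foreshadow, CVE-2018-3646 / CVE-2018-3620) status line from sysfs. The script below is an added example written for this advisory, not WatchGuard's or any hypervisor vendor's code; it assumes a host kernel new enough to expose /sys/devices/system/cpu/vulnerabilities/l1tf (the path is overridable through L1TF_SYSFS for testing) and reports "unknown" where that file is absent. Note that the "VMX:" part of the kernel's status line is the one that matters for guests such as Dimension, since it describes the L1 data cache flushing applied on VM entry.

```shell
#!/bin/sh
# Added example (not WatchGuard's code): report the Linux host kernel's own
# view of its L1TF / Foreshadow mitigation state for a hypervisor host.
# Assumption: the kernel exposes the sysfs file below (introduced with the
# L1TF fixes and backported to distribution kernels). L1TF_SYSFS may be
# overridden, e.g. to point at a constructed file when testing.

L1TF_SYSFS="${L1TF_SYSFS:-/sys/devices/system/cpu/vulnerabilities/l1tf}"

# Print the raw kernel status line, or "unknown" when the file is not readable.
# Real kernels print lines such as:
#   Not affected
#   Vulnerable
#   Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable
l1tf_status() {
    if [ -r "$L1TF_SYSFS" ]; then
        cat "$L1TF_SYSFS"
    else
        echo "unknown"
    fi
}

# Map a status line to one of: not-affected, mitigated, vulnerable, unknown.
l1tf_classify() {
    case "$1" in
        "Not affected"*) echo "not-affected" ;;
        Mitigation:*)    echo "mitigated" ;;
        Vulnerable*)     echo "vulnerable" ;;
        *)               echo "unknown" ;;
    esac
}

# For a hypervisor host, also surface whether the kernel reports any VMX
# (VM-entry L1D flush) handling; prints "yes" or "no".
l1tf_vmx_reported() {
    case "$1" in
        *VMX:*) echo "yes" ;;
        *)      echo "no" ;;
    esac
}

# Stand-alone usage: print the raw line and its classification.
status="$(l1tf_status)"
echo "L1TF kernel status : $status"
echo "Classification     : $(l1tf_classify "$status")"
echo "VMX handling listed: $(l1tf_vmx_reported "$status")"
```

A classification of "vulnerable" or "unknown" on a host that runs Dimension is the cue to follow the advisory's instruction and obtain the hypervisor vendor's patches; "mitigated" without any "VMX:" component means the host OS is protected but guest isolation (CVE-2018-3646) still needs to be confirmed with the vendor.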

Workaround

WatchGuard Firebox and XTM Appliances

There is no known workaround at this time.

Advisory Product List

Product Family | Product Branch     | Product List
Firebox        | Fireware OS 12.x   | T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV
Firebox        | Fireware OS 12.5.x | T15, T35
Dimension      | Dimension          | Dimension