Computer security can seem like a ceaseless—and thankless—task. Vulcan Cyber is here to help in as many ways as possible, including offering Vulcan Remedy Cloud, the largest free and curated online database of tried and tested vulnerability remediation solutions. In this post, we will cover the “most searched” security vulnerability in Remedy Cloud during Q2, CVE-2017-5715, and how to fix it. When it comes to CVE-2017-5715, you may have heard a lot of speculation, and it’s reasonable to be skeptical. After all, rumor has it that this vulnerability affects almost every system out there—or close to it.
In this case, you can believe the hype. This family of vulnerabilities has had a truly massive ripple effect, with hardware and software vendors rushing to provide patches and updates to keep their customers safe.
Now, Vulcan Cyber makes your job easier, with simple answers that will help you understand the true dimensions of the threat. Read on to discover your level of risk and how you can respond to keep your organization safe.
What is the CVE-2017-5715 vulnerability?
The CVE-2017-5715 (branch target injection) vulnerability, is generally referred to as Spectre. CVE-2017-5715 is also referred to as Spectre Variant 2, and is closely related to CVE-2017-5753, referred to as Spectre Variant 1. Both are also closely related to a similar vulnerability, CVE-2017-5754, commonly known as Meltdown, and many articles and references refer to all three vulnerabilities together.
This vulnerability is the result of a low-level microprocessor function called “speculative execution,” meaning that the microprocessor performs tasks before they are requested in order to speed up apparent processing time.
When exploited, this vulnerability allows one virtual machine to access data from another without sufficient privilege level. Once an attacker gains access, they can perform malicious code injection to force actions unintended by the user. This vulnerability may take advantage of social engineering, tricking a user into visiting a malicious site, where it could then exploit the vulnerability to retrieve sensitive data from other browser tabs.
Does this vulnerability affect me?
Probably. The Spectre vulnerability specifically applies to almost all modern microprocessors—such as Intel, AMD, and ARM—and encompasses the widest possible range of operating systems including Windows, Android, Chrome, Linux, iOS, MacOS, as well as specialized third-party equipment such as routers. Please consult your device vendors for specific details.
Has CVE-2017-5715 been actively exploited in the wild?
It is not known whether Spectre has been exploited in the wild. It is relatively difficult to exploit, but since it was publicized back in 2018, it has become very widely known, with proofs of concept circulating widely for years. Experts believe it is only a matter of time before it is exploited in a genuine attack, if it has not been already. As Vulcan Cyber Co-Founder Tal Morgenstern noted to Security Week, “More than three years after the discovery and publication of the Spectre vulnerability, there are signs that it could be weaponized.”
How do I remediate CVE-2017-5715?
To defend your entire organization against Spectre, we recommend taking the following steps:
- Update all networked computers and devices across your entire organization to the latest operating system version.
- Check model numbers for all network hardware—such as routers—to determine if they use Spectre-vulnerable microprocessors, and implement firmware updates if needed.
- If any hardware uses unpatched older CPUs, such as certain unsupported Core, Celeron, Pentium, and Xeon models from Intel, upgrade as soon as possible
- Ensure that developers are aware of security measures to prevent vulnerability due to these types of side-channel attacks in their apps, such as minimizing shared resources and exposure of sensitive data.
Keep up with emerging vulnerabilities. Get free access to thousands of vulnerabilities and get fix done with Remedy Cloud.