Ghost In The Machine
The key players in the networking industry are girding themselves against the potential for the Spectre and Meltdown exploits to impact their products, and taking pains to make sure customers and partners know where vulnerabilities may lie.
The industry's top five networking companies: Cisco Systems, Huawei, HPE Aruba, Arista Networks and Juniper Networks by Saturday had all issued security advisories that demonstrated a range of possible impacts and preventative actions.
For example, Cisco said that its largely proprietary routers, switches and servers are very unlikely to be impacted by the chip bugs and said customers don't have to take any action, while Juniper Networks said three of its products could be vulnerable and patches would be made available soon. Most of the top networking vendors seem to agree that their products are vulnerable only when they're part of virtualized environments where chips are being attacked.
The Spectre and Meltdown exploits affect chips from multiple vendors, including market leader Intel. The vulnerabilities, if exploited, could be used to expose sensitive data on most modern processors, including mobile devices, desktops, laptops and servers running in cloud environments.