Security Advisory Detail

Foreshadow Speculative Execution Attacks

Advisory ID: WGSA-2018-00001
CVE: CVE-2018-3646, CVE-2018-3620, CVE-2018-3615
Impact: Medium
Status: Acknowledged
Product Family: Firebox, Dimension
Published Date:
Updated Date:
Workaround Available: True
CVSS Score: 5.6
CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Summary

On 14 August 2018, security researchers at KU Leuven in Belgium, Technion in Israel, and several other academic institutions disclosed multiple vulnerabilities in most modern Intel processors. The attack the researchers named Foreshadow (CVE-2018-3615) targets the Software Guard Extensions (SGX) enclave feature; two related variants disclosed at the same time, referred to as Foreshadow-NG (CVE-2018-3620 for operating system and SMM memory, CVE-2018-3646 for virtual machine monitors), do not depend on SGX. Intel refers to the underlying flaw as L1 Terminal Fault (L1TF). Like the previously disclosed Meltdown and Spectre attacks, these vulnerabilities let a malicious application running on the processor read data belonging to other security domains that is present in the core's L1 data cache, including the protected memory of applications such as password managers and cryptographic key storage, regardless of the security boundary (enclave, kernel, or virtual machine) that is supposed to separate them.

Intel lists a wide range of its Core and Xeon processors as affected by L1TF, including the Skylake and Kaby Lake families. Processors from other vendors are not known to be affected. Note that SGX is required only for the enclave variant (CVE-2018-3615); the OS and VMM variants apply to affected Intel processors whether or not SGX is present or enabled.

Affected

WatchGuard Firebox and XTM Appliances

WatchGuard Firebox and XTM appliances use a mixture of Intel and NXP (Freescale) processors, so individual models are potentially affected by Foreshadow to varying degrees. We believe the practical impact of these vulnerabilities is low, however: exploiting them requires running attacker-controlled code on the appliance, and the XTM and Firebox appliances do not allow the arbitrary code execution required for exploitation.

Despite the low impact of this issue on our products, WatchGuard Engineering is analyzing patch options for these flaws. Because of the nature of the processor issue, many OS and industry updates reduce performance to a noticeable degree, and we are evaluating those impacts fully before releasing our updates. In the meantime, these flaws cannot be exploited on our devices unless an attacker first finds a separate, much more severe flaw that gives them code execution on the system.

WatchGuard Dimension

WatchGuard Dimension runs as a guest virtual machine on a hypervisor. Whether it is exposed depends on the hypervisor and the host processor: the VMM variant (CVE-2018-3646) lets a malicious guest read data that the hypervisor or other guests have left in the L1 data cache of the same physical core, so the mitigation (and the check for it) belongs on the host, not inside the Dimension guest. Check with your hypervisor vendor for applicable security patches and guidance.
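On a Linux/KVM host, the kernel summarizes its L1TF state in /sys/devices/system/cpu/vulnerabilities/l1tf, and that one line tells you whether guests such as Dimension are isolated from each other. The script below is an added example (not WatchGuard's code, and not from the Foreshadow researchers): it parses the status strings documented in the kernel's l1tf admin guide and turns them into a verdict for co-resident VMs. The sample strings in SAMPLES are constructed from that documentation; the verdict labels and the read_host_status helper are this example's own naming. Inside a guest the file shows no "VMX:" part, which the script reports as unknown rather than safe.

```python
"""Classify the L1TF (Foreshadow) status a Linux host reports in sysfs.

Status line formats (Documentation/admin-guide/hw-vuln/l1tf.rst):
  "Not affected"
  "Mitigation: PTE Inversion"
  "Mitigation: PTE Inversion; VMX: <flush state>[, SMT vulnerable|disabled]"
"""
from dataclasses import dataclass
from pathlib import Path
from typing import Optional

L1TF_SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/l1tf")

# VMX flush states the kernel prints (arch/x86/kernel/cpu/bugs.c).
VMX_STATES = (
    "conditional cache flushes",  # L1D flushed on VM entry when needed
    "cache flushes",              # L1D flushed on every VM entry
    "flush not necessary",        # outer hypervisor already flushes (nested)
    "EPT disabled",               # shadow paging: guest cannot forge PTEs
    "vulnerable",                 # no L1D flush at all (l1tf=off)
)


@dataclass
class L1tfStatus:
    affected: bool
    pte_inversion: bool          # the host kernel's own OS-level mitigation
    vmx_state: Optional[str]     # one of VMX_STATES, or None if not printed
    smt_enabled: Optional[bool]  # None when the kernel printed no SMT state


def parse_l1tf(text: str) -> L1tfStatus:
    """Parse one sysfs l1tf line into its components."""
    text = text.strip()
    if text == "Not affected":
        return L1tfStatus(False, False, None, None)
    head, _, vmx = text.partition("; VMX: ")
    pte = head == "Mitigation: PTE Inversion"
    if not vmx:
        return L1tfStatus(True, pte, None, None)
    state, _, smt = vmx.partition(", SMT ")
    if state not in VMX_STATES:
        raise ValueError(f"unrecognised VMX state: {state!r}")
    smt_enabled = None if not smt else (smt == "vulnerable")
    return L1tfStatus(True, pte, state, smt_enabled)


def guest_isolation(s: L1tfStatus) -> str:
    """Verdict on whether VMs on this host can attack each other via L1TF."""
    if not s.affected:
        return "not-affected"
    if s.vmx_state is None:
        # KVM not loaded, or this kernel is itself a guest: a guest's own
        # view says nothing about what the hypervisor does on VM entry.
        return "unknown-check-hypervisor"
    if s.vmx_state == "EPT disabled":
        return "isolated"
    if s.vmx_state == "vulnerable":
        return "exposed"
    # L1D is flushed (or need not be), so only a sibling hyperthread on the
    # same core can still observe the cache while a VM runs.
    return "isolated" if s.smt_enabled is False else "sibling-thread-exposed"


def audit(text: str) -> str:
    """Convenience wrapper: status line in, verdict out."""
    return guest_isolation(parse_l1tf(text))


def read_host_status(path: Path = L1TF_SYSFS) -> Optional[L1tfStatus]:
    """Live status, or None on kernels/platforms without the sysfs file."""
    try:
        return parse_l1tf(path.read_text())
    except FileNotFoundError:
        return None


# Constructed sample lines, one per state the kernel can report.
SAMPLES = {
    "Not affected": "not-affected",
    "Mitigation: PTE Inversion": "unknown-check-hypervisor",
    "Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable":
        "sibling-thread-exposed",
    "Mitigation: PTE Inversion; VMX: cache flushes, SMT disabled": "isolated",
    "Mitigation: PTE Inversion; VMX: vulnerable": "exposed",
    "Mitigation: PTE Inversion; VMX: EPT disabled": "isolated",
}

if __name__ == "__main__":
    for line, expected in SAMPLES.items():
        print(f"{audit(line):24s} <- {line}")
    live = read_host_status()
    print("this host:", guest_isolation(live) if live else "no sysfs l1tf entry")
```

Run it on the hypervisor host, not inside the Dimension VM: a guest kernel typically prints only "Mitigation: PTE Inversion", which protects the guest's own user/kernel boundary but says nothing about whether the host flushes L1D on VM entry or has Hyper-Threading disabled. "sibling-thread-exposed" is the common state on a patched host that still has SMT on; whether that is acceptable depends on which guests share cores with Dimension.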

Workaround

WatchGuard Firebox and XTM Appliances

There is no known workaround at this time.

Advisory Product List

Product Family | Product Branch | Product List
Firebox | XTM 8 Series (2nd Gen) | XTM850, XTM860, XTM870, XTM870-F
Firebox | XTM 1500 and 2520 | XTM1520-RP, XTM1525-RP, XTM2520
Firebox | Firebox T (1st Gen) | T10, T10-W, T10-D, T30, T30-W, T50, T50-W
Firebox | Firebox T (2nd Gen) | T15, T15-W, T35, T35-W, T35-R, T55, T55-W, T70
Firebox | Firebox T (3rd Gen) | T20, T20-W, T40, T40-W, T80
Firebox | Firebox M (1st Gen) | M200, M300, M400, M440, M500
Firebox | Firebox M (2nd Gen) | M270, M370, M470, M570, M670
Firebox | Firebox M (3rd Gen) | M290, M390, M590, M690, M4800, M5800
Firebox | XTMv | Small, Medium, Large, Datacenter
Firebox | FireboxV | Small, Medium, Large, XLarge
Firebox | FireboxCloud | Small, Medium, Large, XLarge
Dimension | Dimension | Dimension