In January 2018, two critical architectural flaws in CPUs that allow applications to read kernel memory have been made public – Meltdown and Spectre.
Meltdown relates to the behavior of out-of-order execution on CPUs, neutralizing security models based on address space isolation. This can potentially allow a process executing with user privileges to get access to the entire memory including kernel memory.
Spectre is a flaw in branch prediction and speculation that allows applications to read kernel memory.
Vectra security research and engineering have determined that neither Meltdown nor Spectre is a risk for Vectra’s platforms. Exploitation of either flaw requires execution of an unsanctioned binary. This is not possible on Vectra Cognito, either from the UI or from the vsupport CLI. Thus, Vectra software is effectively not impacted by either flaw. Please reach out to firstname.lastname@example.org for any further questions.