![]() ![]() This update can be found on the Sentinel Downloads site. Customers who have Sentinel LDK (RTE) Run-time Environment version (v2.10 – 7.50) are advised to update their Sentinel LDK RTE to the latest Sentinel LDK RTE component (v 7.55) which was released on May 25, 2017. We had reported the vulnerabilities to the vendor and it released private advisory. ![]() DOS vulnerabilities can be exploited with web admin interface enabled. RCE vulnerabilities can be exploited through web admin interface remotely. ![]() Remote attacker can switch on or off web admin interface. Vulnerable hasplms service opens 1947/tcp port that has web interface enabled by default. The vulnerable version of the driver can automatically be installed on the system by plugin-in USB license key. Vulnerable products are commonly used for licenses control and management among various business sectors: industrial control systems, financial institutions, banking solutions etc. Kaspersky Lab ICS CERT has identified multiple remote code execution (RCE) and denial of service (DOS) vulnerabilities in hasplms service that is a part of Gemalto’s HASP SRM, Sentinel HASP and Sentinel LDK products. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |