The Heartbleed Bug (CVE-2014-0160) is a recently discovered vulnerability in OpenSSL, an encryption technology employed by millions of websites and online services worldwide to protect data from unauthorized interception during transmission. The Heartbleed Bug was found in only the most recent versions of OpenSSL: 1.0.1f, 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1.
Are WTI Products Affected?
We take the security of our products and services very seriously. As a matter of practice, WTI regularly updates the implementation of OpenSSL used in products to the most recent version available in order to protect against security threats found in previous versions. In order to ensure that sensitive data sent to and from WTI products is safe from unauthorized access, WTI has recently released product firmware upgrades to address the Heartbleed vulnerability in the OpenSSL security library.
Due to the fact that both our manufacturing and engineering groups are located at the same facilities in Irvine, California, WTI was able to react quickly to the Heartbleed security threat. As a result, WTI has been able to rapidly correct, test and release updated firmware to address this vulnerability in the OpenSSL library.
WTI recommends that security and administration personnel should review the lists of affected WTI product firmware versions show below. If your WTI product firmware version is included in either list, please contact WTI via the supplied link in order to request a copy of the appropriate firmware upgrade for your product.
As a matter of good practice, we highly recommend to always run the most recent firmware version on your WTI devices.
WTI Firmware Affected:
- TSM, RSM and RSM-8R/2R Series - Firmware versions 6.22 through 6.27.
- VMR, NPS, CCM, RPC and NBB Series - Firmware versions V1.45 through V1.51.
WTI Firmware Not Affected:
- TSM, RSM and RSM-8R/2R Series - Firmware versions 6.21 and earlier.
- VMR, NPS, CCM and RPC Series - Firmware versions 1.44 and earlier.
- All MPC and AFS Series as well as all Legacy Products.
New Available Firmware Versions Including Heartbleed Fix:
- TSM, RSM and RSM-8R/2R Series Console Servers- Firmware V6.30
- VMR, NPS, CCM, RPC and NBB Series PDU's - Firmware V1.55
Request a copy of the latest firmware:
WMU Enterprise Management Software:
Note that if you need to upgrade a large number of WTI devices, our WMU Enterprise Management Software can be a tremendous help. The WMU allows multiple WTI devices to be upgraded via a single interface, rather than requiring each unit to be individually accessed and upgraded. For more information on the WMU Enterprise Management Software, please refer to the following link:http://www.wti.com/p-279-wmu-enterprise-management-software.aspx
If you have any questions regarding the firmware upgrade, please contact WTI Technical Support at firstname.lastname@example.org.
For More Information Contact Interworld Electronics