Security Updates


Oct 3​, 2014

Bash Vulnerability “Shellshock” (CVE-2014-6271 and CVE-2014-7169)

Following the full vulnerability assessment of our own IT resources and the software platforms that we sell, we have taken the necessary measures to counter the threat. When we identified vulnerable resources we applied, or are applying, all of the relevant patches on our infrastructure. The fixes have been made with the third party patches which were developed to counter the issue. ​

Gemalto is closely monitoring the evolution of the threat and will apply all necessary counter-measures to safeguard our customers’ services as well as our own IT resources. We will keep you informed of the situation and any measures that need to be taken.

Customers who have specific complimentary questions about Gemalto’s software platforms should contact their usual account manager or technical contact to get further details.​

 ​

​​​​Sep 29, 2014

Bash Vulnerability "Shellshock" (CVE-2014-6271)

Gemalto is aware of the Bash bug/Shellshock vulnerability affecting Unix-based operating systems documented in CVE-2014-6271. It is a widely used Unix system command line interpreter and affects most Unix based systems (Linux distributions, OSX, Solaris etc.), network devices such as routers and load balancers as well as some mobile devices.

Since we became aware of the issue our security teams have carried out a full inventory of potentially vulnerable servers.  Depending on the level of exposure of each server, patches or containments were deployed as soon as they were made available based on information from our suppliers.

Our security teams are closely monitoring the evolution of the threat and will continue to apply new patches as and when they become available.

Customers who have specific questions about the vulnerability should get in touch with their usual Gemalto contact.

More information on CVE-2014-6271 can be found here - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271#sthash.DHfkJnRI.dpuf  ​