Mitigation for Remote Access Execution Vulnerability - Out of Support

Please see the main Security Announcement pertaining to this article for background information.

 

Customers affected by this vulnerability who are currently out of support can follow the steps below as they correspond to the current firmware version of the affected appliance(s).

 

Current LMOS version is 7.1.16 to 7.1.35.4:

Download the SecPatch addon located here.

Install the addon Under System Configuration > System Administration > Update Software > Install new Addon Package

Click Choose file, browse for the previously downloaded file, and click Install Addon Package

Follow the prompts to complete the installation and reboot.

Download LMOS version 7.1.35.6 located here.

Perform the firmware upgrade as usual.

 

Current LMOS versions is 7.2.x or later:

Download the SecPatch addon located here.

Install the addon Under System Configuration > System Administration > Update Software > Install new Addon Package

Click Choose file, browse for the previously downloaded file, and click Install Addon Package

Follow the prompts to complete the installation and reboot.

Download LMOS version 7.2.42.0 located here.

Perform the firmware upgrade as usual.

 

**Note: The SecPatch addon will allow for a single upgrade on an out of support appliance to a mitigated version of the LMOS. The addon can only be installed once and will not execute again once the firmware upgrade is performed. It is recommended to delete the addon after the firmware upgrade has been completed.

 

Current LMOS version is prior to 7.1.16:

The SecPatch Addon is not compatible with versions prior to 7.1.16. Any customers currently on these versions will need to contact support in order to mitigate the vulnerability. The Kemp Customer Support team can be contacted here.

Was this article helpful?

0 out of 0 found this helpful

Comments