These important vulnerabilities related to low level CPU operations have recently been announced. ExtraHop has investigated and we want to share what we know and our plans to fix these issues.
ExtraHop appliance products are technically vulnerable to all three information leak variants (CVE-2017-5353, 5715 and 5754), however all variants require execution of arbitrary code on the target machine. The only way arbitrary code can be executed on the closed appliance is with triggers and we do not believe the attack is possible through triggers. Still, Administrators should not install untrusted bundles.
ExtraHop will be patching our appliances when final upstream patches are released and tested.
ExtraHop virtual appliances may be vulnerable to information leaks until the supervising hypervisor is patched. System administrators should patch hypervisors when patches are available.
ExtraHop is continually evaluating our product and patching when security issues are made public.
Also see https://extrahop.com/security for information on our security policies.