MINNEAPOLIS, Minn.—September 26, 2014— On September 25, 2014, the United States Computer Emergency Readiness Team (US-CERT) reported a critical vulnerability in the GNU Bourne Again Shell (Bash). The issue and its effect on Ecessa software have been investigated. In response, Ecessa today released updated software to mitigate risk of exploitation. You may read Ecessa’s support notice here.
Ecessa advises updating firmware to the most current revision of the version you are using for all supported hardware. The new revisions contain security updates to mitigate vulnerability from unauthenticated and authenticated sources.
Today’s releases that address the Shellshock vulnerability include:
To update your Ecessa devices to current software , please see https://support.ecessa.com/hc/en-us/articles/200143446-How-do-I-upgrade-the-firmware-on-the-Ecessa-appliance- .
To limit access to your Ecessa devices, we recommend following security best practices, including:
For specific instructions on restricting access to Ecessa devices please see the following articles:
Let our team of experts find the right solution for you. Fill out our simple form and we’ll take it from there.