Skip to content

March Networks is committed to ensuring the security and reliability of all of our products. We strive to proactively address security threats as they are reported by the U.S Computer Emergency Readiness Team (US-CERT). When we learn of potential vulnerabilities, our team conducts immediate, in-depth investigations across our product lines. If appropriate and required, we take immediate action to prepare software/firmware updates, and to alert you to the availability of these updates.

Security Advisories

Previous security updates impacting March Networks products are listed below, along with the corresponding software versions in which the vulnerability was addressed. Software updates are posted on our partner portal, and can also be found on our Software Downloads page.

If you don’t have access to our partner portal, contact your March Networks certified solution provider for assistance.

Important note regarding Spectre and Meltdown and Bounds check bypass:
The below advisory information represents a preliminary assessment. March Networks will continue to monitor the risk associated with these vulnerabilities and will update this chart as new information becomes available.
CVE Advisory Summary Products Addressed in Release Severity
CVE-2017-5754 Rogue data cache load (Meltdown) 6000,8000,9000, GT, MT Series Recorders;
Edge 4 & Edge 16 Encoders;
ME4 Series & Edge OS 2 Devices
Not Necessary at this time Low
CVE-2017-5754 Rogue data cache load (Meltdown) Command, Searchlight,
Visual Intelligence (R5)
Microsoft Security Patches only Medium
CVE-2017-5753 Bounds check bypass 6000,8000,9000, GT, MT Series Recorders;
Edge 4 & Edge 16 Encoders;
ME4 Series & Edge OS 2 Devices
Not Necessary at this time Low
CVE-2017-5753 Bounds check bypass Command, Searchlight,
Visual Intelligence (R5)
Microsoft Security Patches only Medium
CVE-2017-5715 Branch target injection (Spectre) 6000,8000,9000, GT, MT Series Recorders;
Edge 4 & Edge 16 Encoders;
ME4 Series & Edge OS 2 Devices
Not Necessary at this time Low
CVE-2017-5715 Branch target injection (Spectre) Command, Searchlight,
Visual Intelligence (R5)
Microsoft Security Patches only Medium
CVE-2017-9765 gSOAP Various March Networks Edge Devices Refer to chart Medium
CVE-2017-5638 Apache Struts Jakarta Multipart Parser All No Impact to March Networks products N/A
CVE-2016-0800 Cross-protocol attack on TLS using SSLv2 (DROWN) All No Impact to March Networks products N/A
CVE-2015-1798
CVE-2015-1799
NTP MiM/DOS attacks Visual Intelligence (R5)
8000
4000 (Gen 4)
5.7.10 Medium
N/A SSL Certificate Chain Contains RSA Keys Less Than 2048 bits Visual Intelligence (R5)
8000
4000 (Gen 4)
5.7.10 Medium
CVE-2015-2808 SSL RC4 Cipher Suites Supported Visual Intelligence (R5)
8000
4000 (Gen 4)
5.7.10 Medium
N/A Linux/Moose N/A No Impact to March Networks products Medium
CVE-2015-4000 Logjam Attack N/A No Impact to March Networks products Medium
CVE-2015-0247 e2fsprogs Visual Intelligence (R5)
8000
4000 (Gen 4)
5.7.9 SP1 Medium
CVE-2015-0235 Ghost Visual Intelligence (R5)
8000
4000 (Gen 4)
5.7.9 SP1 Medium
CVE-2015-0235 Ghost Visual Intelligence (R5)
3000 Series
5.5.1 SP18 Medium
CVE-2015-0293
and others
OpenSSL 0.9.8zf Visual Intelligence (R5)
3000 Series
5.5.1 SP18 High
N/A OpenSSL Visual Intelligence (R5)
8000
4000 (Gen 4)
5.7.9 Low
N/A NTP Utilities Visual Intelligence (R5)
8000
4000 (Gen 4)
5.7.9 Low
N/A Open SSH Visual Intelligence (R5)
8000
4000 (Gen 4)
5.7.9 Low
CVE-2015-0204 FREAK SSL/TLS Vulnerability All No Impact to March Networks products N/A
CVE-2015-0204 FREAK SSL/TLS Vulnerability Edge devices running Edge OS 1.10.6 Medium
CVE-2015-0235 Linux “Ghost” Remote Code Execution Visual Intelligence (R5)
8000
4000 (Gen 4)
5.7.9 Low
CVE-2015-0160 Heartbeat Extension Packets Edge devices running Edge OS 1.10.4 Medium
CVE-2014-2609 Oracle GlassFish Server Multiple Vulnerabilities Command 1.8.0 Medium
CVE-2014-0224 OpenSSL 'ChangeCipherSpec' MiTM Vulnerability Visual Intelligence (R5) 
8000 
4000 (Gen 4)
5.7.5 - SP1
5.7.7
High
CVE-2014-0224 OpenSSL 'ChangeCipherSpec' MiTM Vulnerability Visual Intelligence (R5) 
3204
5.5.1 - SP17 High
CVE-2014-0224 OpenSSL 'ChangeCipherSpec' MiTM Vulnerability Command 1.8.0 High
CVE-2014-3566 SSL protocol 3.0 Edge devices running Edge OS 1.10.6 Medium
CVE-2014-0224 OpenSSL 'ChangeCipherSpec' MiTM Vulnerability Edge devices running Edge OS 1.10.6 Medium
CVE-2013-5211 NTP MONLIST vulnerability Visual Intelligence (R5)
8000
4000 (Gen 4)
5.7.2 - SP2
5.7.3 - SP4
5.7.4 - SP3
5.7.8 - SP1
High
CVE-2013-5211 NTP MONLIST vulnerability 5000 Series 4.9.1 - R4 DVRs High
CVE-2012-0920 Dropbear SSH server vulnerability Edge devices running Edge OS 1.10.5 Medium
Get the latest news and information on our IP video products with March Networks News.
Return to top