Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

HP Ships Network Switches With Malware Infected Flash Cards

HP Warns That Compact Flash Cards Shipped With HP ProCurve 5400 zl Switches Could Be Infected With Malware

HP has warned of a security vulnerability associated with its ProCurve 5400 zl switches that contain compact flash cards that the company says may be infected with malware. The company warned that using one of the infected compact flash cards in question on computer could result in the system being compromised.

HP Warns That Compact Flash Cards Shipped With HP ProCurve 5400 zl Switches Could Be Infected With Malware

HP has warned of a security vulnerability associated with its ProCurve 5400 zl switches that contain compact flash cards that the company says may be infected with malware. The company warned that using one of the infected compact flash cards in question on computer could result in the system being compromised.

It’s unclear what type of malware may be on the infected flash cards, where it came from, and the extent of the damage that could come as a result of a PC being infected, but SecurityWeek has reached out to HP for comment and will update the story accordingly. (Update 04/12 10am ET: An HP Spokesperson did respond to a SecurityWeek inquiry but has yet to provide answers on the type of malware, when it was discovered, and where it could have come from, instead directing us to the security advisory. We’re working to get these questions answered and hope to update this soon.)

HP 5400 zl SwitchAccording to HP’s Software Security Response Team, the potential threat exists on HP 5400 zl series switches purchased after April 30, 2011 with certain serial numbers listed in the security advisory.

HP said the vulnerability can be resolved via a “Software Purge Option” or a hardware replacement option. With the software purge, HP has a script that will delete malicious file(s) and directory in question without causing any switch downtime.

HP notes that for customers who have 5400 zl switches that are not on their network and must be purged, or for those not comfortable with performing the software purge option, HP will send a replacement Management Module to the customer. The downside to this option, HP says, is that the 5400 zl switch must be powered down in order to replace the Management Module, resulting in downtime.

According to HP product documentation, the HP 5400 zl Switch Series consists of advanced intelligent switches in the HP modular chassis product line which includes 6-slot and 12-slot chassis and associated zl modules and bundles. 

This issue once again brings attention to the security of the electronics supply chain which has been a hot topic as of late.

Advertisement. Scroll to continue reading.

In March 2012, a consortium of experts published a preview of standards meant to improve the security of the global supply chain for commercial software and hardware products. The standards are the work of The Open Group, and are supported by companies ranging from Boeing to Oracle to IBM. The document has been dubbed the Open Trusted Technology Provider Standard (O-TTPS) Snapshot. The standards are being aimed at providers, suppliers and integrators with the goal of enhancing the security of the supply chain and allowing customers to differentiate between providers who adopt the standard’s practices and those who don’t.

Related: The Need to Secure the Cyber Supply Chain

Related: Consortium Pushes Security Standards for Technology Supply Chain

Related: Students Develop Techniques to Keep Malware Out of the Electronics Supply Chain

Related: The Government’s IT Supply Chain is Weak, Says GAO

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.