San Antonio, TX – April 15, 2013 – Digital Defense, Inc. (DDI), a leading provider of managed cloud-based security risk assessments, announced a zero-day finding, discovered by the company’s Vulnerability Research Team (VRT). The flaw is a directory traversal which resides in the Dell EqualLogic solution. A remote unauthenticated attacker could potentially leverage the vulnerability to retrieve system files. This security issue was revealed using DDI’s patent-pending vulnerability scanning technology.
Dell has been swift in responding to the issue, stating that the vulnerability will be addressed in both the next maintenance release of the firmware, version 6.0.4, and in the next major firmware version. Dell plans to release the updated firmware on April 15, 2013 and has stated that it will be available to customers with valid support agreements through the EqualLogic support website https://support.equallogic.com/ EqualLogic customers are encouraged to update their systems in a timely manner to mitigate any potential risk associated with the vulnerability.
Larry Hurtado, DDI President & CEO, states, “Zero-Day Vulnerabilities, those flaws which have not been previously identified, add significant risk to a company’s security of critical information assets. The delivery of our solutions through a cloud-based platform, coupled with a research team that is continuously extracting and analyzing data, enables a heightened level of security for our clients.”
DDI’s continues to demonstrate the strength of the organization’s research expertise through multiple Zero-day discoveries over the past 12 months including those within widely used platforms such as VMware®, Novell® and Epicor®. This Decisive Security Intelligence is improving the security posture of organizations across the globe.
In addition to security intelligence, DDI is gaining recognition for their unique approach to evaluating organizational security through risk assessments and security awareness education. The company was recently featured in a Wall Street Journal article.