When a new vulnerability or exposure is added to MITRE's CVE database, FireEye Support often gets the following questions:
Is my FireEye appliance at risk from the vulnerability or exposure described?
Prior to release, FireEye products go through rigorous quality assurance testing by our Engineering department before being independently tested and assessed by our Information Security team.
After release, risk assessments of FireEye hardware are coordinated by our internal Security team in concert with multiple FireEye departments, including Engineering, Product Management, and Support. FireEye cannot make an official statement until we have researched and verified each issue and understand its impact on both our products and our customers.
In the interest of discretion, FireEye may not post a public statement about every CVE; however, reports on vulnerabilities are included in product documentation and release notes:
- From the Documentation Portal, select Product Documentation.
- From the navigation bar, select your product. Example: Network > NX Series
- Full reports: In the Documentation window, select Vulnerability Reports.
- Release notes: In the Documentation window, select the major version number and release notes. Example: 7.5 > 7.5.3 Release Notes
For questions about new vulnerabilities or exposures, check the Support Community. We post updates about critical CVEs currently being reviewed or respond to general CVE questions there.
Does my FireEye appliance detect malware exploiting the reported vulnerability or exposure?
In general, FireEye appliances alert on the suspected malicious behavior of malware; these alerts do not rely on knowing or understanding the vulnerability itself. For more information on our alerts, please see "FireEye Alerts: When does an alert indicate an infection?"
For vulnerabilities and exposures that have only been discovered in laboratory situations, there may not actually be malware targeting those specific weaknesses. Without an actual malware sample available to test, we are not able to describe which alerts our appliances would generate in response.
Thanks to our CISO, fe-cso, and our Legal team for contributing to this article!
17 Feb 2016: Updated Documentation paths