When a new vulnerability or exposure is added to MITRE's CVE database, FireEye Support often gets the following questions:
Is my FireEye appliance at risk from the vulnerability or exposure described?
Prior to release, FireEye products go through rigorous quality assurance testing by our Engineering department before being independently tested and assessed by our Information Security team.
After release, risk assessments of FireEye hardware are coordinated by our internal Security team in concert with multiple FireEye departments, including Engineering, Product Management, and Support. FireEye can not make an official statement until we have researched and verified each issue and have an understanding of each issue's impact on both our products and our customers.
In the interest of discretion, FireEye may not post a public statement about every CVE; however, reports on vulnerabilities are included in product documentation and release notes:
- From the Documentation Portal, go to Documentation.
- Select your product. For example, NX Series.
- From the drop-down menu, choose the major version number and:
- In the Reference Guides section, select Vulnerability Reports.
- In the Release notes section, select the version number corresponding to your product version.
For information about new vulnerabilities or exposures, check the Vulnerabilities and Exposures space and if you have questions, post in the Support Community. We post updates about critical CVEs currently being reviewed or respond to general CVE questions there.
Does my FireEye appliance detect malware exploiting the reported vulnerability or exposure?
In general, FireEye appliances alert on suspected malicious behavior of malware; these alerts do not rely on knowing or understanding the vulnerability itself. For more information on our alerts, please see FireEye Alerts: When does an alert indicate an infection?.
For vulnerabilities and exposures that have only been discovered in laboratory situations, there may not actually be malware targeting those specific weaknesses. Without an actual malware sample available to test, we are not able to describe which alerts our appliances would generate in response.
Thanks to our Legal team for contributing to this article!
- 9 Nov 2017:
- Added reference to CVE space
- Updated Documentation paths
- 17 Feb 2016: Updated Documentation paths