iPECS and eMG80 – Security Vulnerabilities on OpenSSL

iPECS and eMG80 – Security Vulnerabilities on OpenSSL

An information leaking error has been detected in the process of implementing the SSL extending protocol named Heartbleed applied from OpenSSL 1.0.1 version on March 2012. 

The Heartbleed virus can harvest information on devices using SSL / TLS, this has just been identified and ELG have therefore released a software fix for iPECS LIK and eMG80 which is now available in the usual software library on the Pragma website.

We strongly advise upgrading all systems to this level where possible, iPECS systems running 5.0 would need to follow the 5.0 to 5.5 process first and can then be taken up to this version by uploading the kernel file and then the App file in the usual way.

iPECS systems running 5.5 / 5.6 can go straight to this version by uploading the kernel and then the app file after the usual reboot.

The eMG80 system is a kernel / App file upload as per normal.

We then advise changing the system passwords and also check the security bulletin available on the solution portal as well as the website bulletin section.

Software Downloads

iPECS-LIK need to be using F.0Di software

eMG80 needs to be using A.0Fb software

LIP-9070 handsets should use 1.2.12i_c software

IP-8800 series of SIP phones should use 1.1.01scm

**This bulletin will be updated if any new information becomes available **

“