TRENDnet Heartbleed Security Advisory
Security Advisory Relating to OpenSSL "Heartbleed" Vulnerability

DATE PUBLISHED: 4/15/2014

This information applies to all TRENDnet products

Heartbleed Hack Summary

An OpenSSL vulnerability allows a remote attacker to expose sensitive data, including authentication credentials and security keys, through memory handling in the TLS heartbeat extension of OpenSSL versions 1.0.1 through 1.0.1f. An attacker can capture memory from the host 64K at a time. Successive 64K sections of memory can be captured until the desired data is attained.

TRENDnet Products Not Affected

TRENDnet executed a complete review of all products. Some TRENDnet products do use OpenSSL however the respective products use a different OpenSSL version which is not impacted by this vulnerability. No current TRENDnet products are vulnerable to the "Heartbleed" Vulnerability and no action is required by TRENDnet customers.