In the wake of the Heartbleed OpenSSL vulnerability, reports have surfaced that home routers are especially susceptible to the bug. Cisco and Juniper have already confirmed that some of their products are affected, but Linksys - the home router company recently sold to Belkin by Cisco - says it products are fine. The following from Belkin International:
We are aware of the Heartbleed OpenSSL vulnerability, however after thorough testing of our product lines, we can confirm that our routers and WeMo solutions are not impacted. Linksys routers do use OpenSSL however our product line uses another version that is not impacted by this vulnerability. Belkin routers are also not impacted. In regards to our WeMo line of home automation solutions, our firmware does use OpenSSL but like our Linksys routers, they use another version that is not impacted by this vulnerability. Our WeMo products do work with other vendor software solutions however we have taken precautions by changing the credentials they use via our cloud to avoid any potential risk.
The Heartbleed Bug, a flaw in the open source security program OpenSSL, could allow attackers to eavesdrop on Web, e-mail and some VPN communications. OpenSSL implements basic cryptographic functions and utilities.
The Heartbleed vulnerability can be found in servers, Internet routers, home routers, industrial routers and mobile devices. Heartbleed appears to have existed in OpenSSL for about two years. It was discovered by Google and Codenomicon security researchers and disclosed early this week.
More from Cisco Subnet:Cisco Subnet bloggers on Twitter.Jim Duffy on Twitter