Secure Elements says customers need not worry about 19 flaws in its vulnerability management and auditing software, which were reported by the US Computer Emergency Readiness Team (US-Cert) yesterday.
US-Cert is part of the US government’s Department of Homeland Security and some users were understandably alarmed to hear that their security monitoring software suffered serious security vulnerabilities.
But Secure Elements maintains that the vulnerabilities reported were known to the company last November and that all the reported flaws have now been patched.
The company said it had been helping to migrate all its customers to fully patched products since January.
US-Cert published details of 19 flaws in Version 2.8.0 of Secure Elements’ C5 EVM vulnerability management suite.
Secure Elements said US-Cert, in publicising the flaws, was just working to its normal practice of publishing all flaws it finds. The affected product is now no longer available.