Dongle Driver Vulnerability

23 May 2018

Dongle Driver Vulnerability

Flexera has notified us of security vulnerabilities in the hardware key (dongle) drivers for the FLEXid (9-) keys we ship with many of our products. The hardware key manufacturer, Gemalto, has released updated drivers to address these vulnerabilities and Mentor has incorporated the new drivers in our Mentor Standard Licensing (MSL) v2018_1 release of licensing.

You can read more detail about the risks here:

https://ics-cert.kaspersky.com/alerts/2017/10/03/several-more-vulnerabilities-found-and-closed-in-popular-license-manager/ .

Mentor is recommending that all customers who own hardware keys used with their Mentor software update their driver immediately. Customers with logins for Mentor’s Support Center should refer to KB Article MG602519 for further details and update information. Customers without Support Center logins should access the updated drivers directly from Gemalto.

We encourage you to disseminate this information to everyone in your organization who may be using or has used one of these FLEXid keys.

Global Support and Services
Mentor, A Siemens Business