1. Close the vulnerability
ZEISS recommends updating your FORUM installation to version 4.2.5 to ensure continued cybersecurity.
A software patch labeled FORUM 4.2.5 is available for installation. This patch closes the described vulnerability.
Please reach out to your local ZEISS Service team for additional information on upgrading your ZEISS FORUM software.
2. Mitigate the risk
Although installing the patch is highly recommended, we have also identified some mitigation steps.
Where possible, implement or continue to use LDAP or SSO for the FORUM user accounts, as these support more complex authentication schemes (e.g. complex passwords, password expiration, etc.).
When LDAP or SSO is not possible, it is recommended that you implement best practices for your user account information:
- Change default passwords
- Use strong passwords
- Do not share passwords
- Give every user an individual account
- Deactivate user accounts when no longer needed, e.g. after an employee leaves the organization
- Change passwords at regular intervals
- Use combinations of capital and lowercase letters, numbers, special characters, etc. in passwords
Please contact your local service team if you need support updating your ZEISS FORUM.