RFL is dedicated to assisting customers with NERC CIP regulatory requirements, and currently offers a multitude of information for our products' cyber assets and customer information protection. RFL provides automatic Cyber Security Bulletin update notifications, which will save you from having to check for updates every 35 days. You will need to register for an RFL Download Account to have access to the Bulletins and other NERC CIP information.
Email us at
Customer Information Protection Policy Statement
NERC CIP - Bulk Electric System Cyber System Information (BES CSI)
RFL's product models with the ability to store BES CSI are currently the: eXmux®, GARD, IMUX and 9745 family of products. Please click here to view the Bulletin (requires logging into the Downloads space).
Cyber Security Bulletins
To download Cyber Security bulletins, you must log in with your customer account.
RFL Product Cyber Security Patch Status
You must be logged in to review the RFL Product Cyber Security Patch Status table. Please log in with your customer account below, or click here to register for a customer account.
Security Patch Status
| Product | Last Patch Firmware | Patch Description | Date |
|---|---|---|---|
| 9508 Analog | None | - | - |
| 9508D (Digital) | None | - | - |
| 9745 Teleprotection System |
None | - | - |
| 9780/9785 Powerline Carrier System |
None | - | - |
| eXmux® 3500/3500M | System Software 7.0.9512 |
Addressed Security Issue related to receiving UDP packets with port number 1024 & 1025 and length 0 | 10/2017 |
| eXmux® 3501/3501M IP Access Multiplexer |
System Software 7.0.9512 / 7.0.9542 |
Addressed Security Issue related to receiving UDP packets with port number 1024 & 1025 and length 0 | 10/2017 |
| eXmux® Family of Products | eXmux® VNMS 10.1.0.20561 |
VNMS no longer stores user credentials in the network file when saving the file. Deletion of all network files saved by any prior version to VNMS 10.1.0.20561 is recommended. | 05/2023 |
| eXmux® Family of Products | eXmux® VNMS v 10.2.0.20592 |
● Upgraded OpenSSH from OpenSSH_6.6p1, which has been identified to have multiple vulnerabilities, to OpenSSH_7.2p2, to address those vulnerabilities. ● Added the ability to enable/disable OpenSSH configuration parameters via CLI commands. ● Also added CLI legacy Mode option to support backward compatibility with OpenSSH_6.6p1. |
09/2023 |
| GARD 8000® Protection System with 500400 Controller | System Firmware 8.3.5 | Disable HTTP Put command on front and rear Ethernet ports | 04/2017 |
| GARD 8000® Protection System with 500400-1 Controller | System Firmware 8.5.2 | Disable HTTP Put command on front and rear Ethernet ports | 04/2017 |
| GARD 8000® Protection System with 500400-2 Controller | System Firmware 10.4.2.57 & 11.4.2.108 |
'Final mitigation for cross-site scripting vulnerability as detailed in cyber security bulletin CS-021. | 01/2024 |
| GARD Pro® Protection System | System Firmware 2.6.7.286 & 2.7.7.184 | Mitigation for SSL vulnerabilities as detailed in cyber security bulletins CS-022 and CS-023. | 11/2023 |
| GARD Pro® 61850 | System Firmware 3.4.14.288 | Mitigation for SSL vulnerabilities as detailed in cyber security bulletins CS-022 and CS-023. For additional non-cyber security changes, please review Bulletin PBF-023. |
12/2023 |
| IMUX 2000 T1/E1 Multiplexer |
None | - | - |
