Mender blog

It is now possible to generate and use Personal Access Tokens on Hosted Mender when performing management API calls.

Before the introduction of this feature, the only way to obtain a JWT token to perform API calls was using the log-in end-point. However, the token returned lasts one week only. Therefore, storing and reusing it, for example, from a CI/CD pipeline or a scheduled job, is not practi...

Before shipping software for embedded devices, it is crucial to test it on real devices, in an environment as close to the actual operating environment as possible. But that does not mean that development and testing necessarily has to happen this way. Running on real devices can often be tedious, time consuming and in some cases may be impractical.

This article will be a step-b...

We recently discovered a vulnerability in the Mender Client versions 3.2.0, 3.2.1, and 3.2.2.

The client listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional client components running on the device. However, it listens on all network interfaces instead of only the localhost interface. Therefore, any client on the same network can connect to...

With a multitude of Internet of Things (IoT) devices scattered globally, managing software remotely becomes critical to the success of enterprises who want to transform in the digital economy. IoT devices can extend into the physical world and most often at large scale without being in close proximity and only reachable at relatively high cost. Therefore, it is not practical to replace an existi...

Many manufacturing and industrial environments have segregated network setups where assets (IoT/embedded devices) are co-located within a local area network and separated from the public internet by an internet gateway device. Segregation increases security, but limits access and control to do software updates to the co-located devices more efficiently.