Aarenet judges the security impact on the Aarenet carrier grade VoIP Systems as low, respectively not-relevant.
The consideration that leads to this judgement is based on the fact that possible attacks can only be performed by local users on a system. Aarenet VoIP systems are accessible over SIP and over Web Services only.
Therefore, despite the system setup vulnerability in theory (Linux running on Intel hardware), there is no enhanced risk to the Aarenet VoIP system setup or actual performance due to Meltdown and Spectre in practice.
In consideration of all circumstances, independent of these new vulnerabilities, Aarenet VoIP systems in a productive environment must be protected from unauthorized logins. Aarenet recommends to achieve this protection through a state of the art firewall between the private or public network and the Aarenet VoIP system.