Hi Sophos Community,

This is a maintenance release to address vulnerabilities reported in third party components used by Sophos Connect, as well as one field reported issue.

Component Updates

The following components are upgraded in this release to address security and maintenance reports:

Component Name Old Version New Version
OpenVPN 2.6.10 2.6.12
StrongSWAN 5.9.5 5.9.6
OpenSSL 1.1.1w 3.3.2
Civitweb 1.15 1.16

Security Issues Resolved

The following reported vulnerabilities are addressed by the components upgraded in this release:

Component

Vulnerability ID / Link

Severity

OpenVPN

NVD - CVE-2024-5594

CRITICAL

OpenSSL

NVD - CVE-2024-9143

HIGH

OpenSSL

NVD - CVE-2024-4741

MEDIUM

OpenSSL

NVD - CVE-2024-2511

MEDIUM

OpenSSL

NVD - CVE-2024-0727

MEDIUM

OpenSSL

NVD - CVE-2024-5535

MEDIUM

OpenSSL

NVD - CVE-2024-13176

MEDIUM

StrongSWAN

NVD - CVE-2022-4967

HIGH

Client Issues Resolved

The following field reported issue is resolved in this release:

Issue ID Description
NCL-1820 Resolved an issue where IPsec users were disconnected sporadically and couldn't reconnect.

Download

  • Public download site - may take time after this article publishes to be available
  • Or from SFOS Web UI
    • From WebAdmin - Navigate to Remote Access > Download Client
    • From VPN Portal - Login and click hte Sophos Connect client download for your OS
       

OS Compatibility

Sophos Connect Windows OS support - Version 2.3 MR3 

Platform Version Architecture Status Notes
Windows Desktops 10/11 x86/x64 Supported All Windows 10/11 editions included
Windows Desktops Older  Versions x86/x64 UNTESTED
Windows Servers All Versions x86/x64 UNTESTED
Windows Desktops 11 ARM NOT SUPPORTED ARM support is in active planning

Sophos Connect MacOS Support - Version 1.4 MR1

Platform Version Architecture Status Notes
MacOS v11.x - v15.x M1-M4 ARM CPUs Supported Version names: Big Sur, Monterey, Ventura, Sonoma, Sequoia
MacOS v11.x - v15.x x86/x64 Supported Version names: Big Sur, Monterey, Ventura, Sonoma, Sequoia
  • This release does not update Sophos Connect 1.4, but Mac version is included in download package
  • Admins looking for SSL VPN support on Windows ARM, MacOS, Linux or Mobile platforms may consider using the open-source client OpenVPN Connect 

Additional Links