Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SFOS and SG UTM affected by SMTP/EXIM CVE-2023-51766?

Hi, 

are SOFS and SG UTM affected by CVE-2023-51766 (Sender Spoofing by SMTP)?



This thread was automatically locked due to age.
Parents
  • I submitted this through sophos support (ticket 07155188) on 20th of december, asked for a status on 22/28th of december, it was forwarded like 10 times and I escalated it eventually as I only got answers with no actual response and still is was only picked up on the 5th of Januari.

    I understand that there was a holiday period, but this shouldn't matter for a security product. I found the support VERY lacking, we pay quite a lot for support with about ~10 UTM's with even some SG650's at one of our customers site.

  • Can you include the ticket numbers here, or go back to Sophos and update your ticket with the link to this discussion?

Reply Children
  • I have included the ticket number already, but here it is again: 07155188. I have updated the support ticket with a link to this thread and asked if I can report a complaint about the handle time of 2 weeks for a possible zero day issue. Probably lead to nothing, but I will report any progress here.