Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795

in recent scanning, we received "SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795)" vulnerability on port 22.

just use this command in nmap "nmap -sV -p 22 --script ssh2-enum-algos 192.168.xxx.xxx"

if it shows "chacha20-poly1305@openssh.com" or any this with "-etm" then it will enables the Terrapin Attack.

i had latest firmware version SFOS 20.0.0 GA-Build222.

will it get patch or need to do anything manually.

.



Added V20 TAG
[edited by: Erick Jan at 8:01 AM (GMT -7) on 4 Apr 2024]
Parents Reply
  • hope  v20.0.2 MR-2 will get release soon. also kindly inform to your developer team that atleast  v20.0.2 MR-2 will not create any issue to update firmware to firewall. as version SFOS 20.0.0 GA-Build222 cause issue for update due to DHCP and to get update this firmware we have to disable the DHCP in firewall.

    if possible can you provide any approx. date for the release of  v20.0.2 MR-2 firmware.

Children