Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Sophos Connect (OpenVPN) Security Statement

Sophos Connect still uses the very old OpenVPN version and there have been some security annoucements since that version:

e.g. the last CVE-2024-27459: Windows: fix a possible stack overflow in the interactive service component which might lead to a local privilege escalation

Here I would like to hear a statement on how far we are affected with the old OpenVPN version included in Sophos Connect and when an update is finally planned here.
In general, Sophos Connect really needs an update where the known bugs that are mentioned here in the forum or on the KIL are addressed, they are really a pain.

Added TAGs
[edited by: Erick Jan at 7:26 AM (GMT -7) on 11 Apr 2024]
Parents Reply Children
No Data