This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CVE-2020-20813

Hello, I verified that my Sophos XGS SFOS 20.0.0 GA-Build222 has OpenVPN 2.4.7 which is vulnerable to CVE-2020-20813 which according to NIST has a high level. As I use SSL VPN for remote access, I need to know if my firewall is vulnerable.

Best Regards
Marchon

This thread was automatically locked due to age.

Top Replies

Vivek Jagad 4 months ago +1 verified

Hi Elvys Marchon , Thank you for reaching out to the community, SFOS 20.0.1 MR-1 is not affected. For OpenVPN 2.4.7 and earlier are affected SFVUNL_SO01_SFOS 20.0.1 MR-1-Build340# openvpn --version OpenVPN…

Parents

+1 Vivek Jagad 4 months ago

Hi Elvys Marchon ,

Thank you for reaching out to the community, SFOS 20.0.1 MR-1 is not affected.

For OpenVPN 2.4.7 and earlier are affected
SFVUNL_SO01_SFOS 20.0.1 MR-1-Build340# openvpn --version
OpenVPN 2.6.0 x86_64-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH/PKTINFO] [AEAD] (Already upgraded)
library versions: OpenSSL 3.0.10 1 Aug 2023, LZO 2.09

Thanks & Regards,
_______________________________________________________________

Vivek Jagad | Team Lead, Technical Support, Global Customer Experience

Log a Support Case | Sophos Service Guide
Best Practices – Support Case | Security Advisories
Compare Sophos next-gen Firewall | Fortune Favors the prepared
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up +1 Vote Down

Cancel

Reply

+1 Vivek Jagad 4 months ago

Hi Elvys Marchon ,

Thank you for reaching out to the community, SFOS 20.0.1 MR-1 is not affected.

For OpenVPN 2.4.7 and earlier are affected
SFVUNL_SO01_SFOS 20.0.1 MR-1-Build340# openvpn --version
OpenVPN 2.6.0 x86_64-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH/PKTINFO] [AEAD] (Already upgraded)
library versions: OpenSSL 3.0.10 1 Aug 2023, LZO 2.09

Thanks & Regards,
_______________________________________________________________

Vivek Jagad | Team Lead, Technical Support, Global Customer Experience

Log a Support Case | Sophos Service Guide
Best Practices – Support Case | Security Advisories
Compare Sophos next-gen Firewall | Fortune Favors the prepared
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up +1 Vote Down

Cancel

Children

No Data