
Sophos UTM VPN TunnelCrack vulnerability

Hi Sophos,

Do you have any information for all your products regarding the TunnelCrack VPN vulnerability? Ref: tunnelcrack.mathyvanhoef.com/details.html, CVE numbers CVE-2023-36672, CVE-2023-35838, CVE-2023-36673, CVE-2023-36671.

Quick summary: two vulnerabilities are listed: local traffic can be leaked in plain text, and the IP of the VPN server can be spoofed.

Regards

Damien



  • To me it seems this is a problem/vulnerability completely on the client side - the routing is changed on the client side so that the client doesn't use the VPN anymore and instead sends traffic directly. I don't think this problem is directly related to Firewall/Sophos...

    regards

  • Accurate. However, Sophos now provides their own VPN client, so they are most likely going to be potentially vulnerable in that sense.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)
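
Added example, not part of the thread and not Sophos code: a client-side routing audit for the two conditions summarised in the question, routes that leave the tunnel for a non-private "local" network and the host-route exception for the VPN server address. The function name `audit_routes`, the interface names `tun0`/`wlan0` and the documentation-range addresses are assumptions, and the routing table is reduced to constructed (destination, interface) pairs without metrics.

```python
import ipaddress

# Ranges a genuine local network is expected to fall in (RFC 1918, link-local,
# IPv6 unique-local). Anything else routed outside the tunnel deserves a look.
PRIVATE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16",
    "fc00::/7", "fe80::/10",
)]

# Constructed sample routing table of a connected VPN client.
SAMPLE_ROUTES = [
    ("0.0.0.0/0", "tun0"),         # default route through the VPN
    ("192.168.1.0/24", "wlan0"),   # ordinary private LAN exception
    ("203.0.113.10/32", "wlan0"),  # host route to the VPN server itself
    ("198.51.100.0/24", "wlan0"),  # "local" network that is not private space
]


def is_private(net):
    """True if net lies entirely inside one of the PRIVATE ranges."""
    return any(p.version == net.version and net.subnet_of(p) for p in PRIVATE)


def audit_routes(routes, tunnel_if, vpn_server_ip):
    """Return (cidr, reason) for every route that sends traffic outside the tunnel
    and is either the VPN server exception or a non-private destination."""
    server = ipaddress.ip_address(vpn_server_ip)
    findings = []
    for cidr, iface in routes:
        if iface == tunnel_if:
            continue  # traffic for this destination is protected by the VPN
        net = ipaddress.ip_network(cidr)
        if net.prefixlen == net.max_prefixlen and net.network_address == server:
            # Expected by design, but verify the address is the genuine server.
            findings.append((cidr, "server-exception"))
        elif not is_private(net):
            # Traffic to this range bypasses the tunnel in plain text.
            findings.append((cidr, "non-private-bypass"))
    return findings


if __name__ == "__main__":
    for cidr, reason in audit_routes(SAMPLE_ROUTES, "tun0", "203.0.113.10"):
        print(f"{cidr:20} {reason}")
```

The `server-exception` finding is informational: that route has to exist for the tunnel to work, so the check is whether the address matches the server you configured.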