Help us enhance your Sophos Community experience. Share your thoughts in our Sophos Community survey.

Thread Info
  • State Verified Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 11 replies
  • Subscribers 8 subscribers
  • Views 3835 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM VPN TunnelCrack vulnerability

DamoL

Hi Sophos,

Do you have any information on all your products to the TunnelCrack VPN vulnerability? ref: tunnelcrack.mathyvanhoef.com/details.html   CVE numbers CVE-2023-36672CVE-2023-35838CVE-2023-36673 CVE-2023-36671

quick summary: two vulnerabilities are listed: Local traffic can be leaked in plain text, IP of VPN server can be spoofed. 

Regards

Damien



This thread was automatically locked due to age.
Unfiltered HTML