Threat Advisories

What can you do about the critical vulnerability in OpenSSL 3.0

October 28, 2022

Threat Level

Red

Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

OpenSSL has a critical vulnerability that affects all the versions from 3.0 to 3.0.6. Due to the criticality of the vulnerability, OpenSSL has pre-announced the security update for security teams to be prepared. As part of the pre-announcement, they also stated that they will release OpenSSL 3.0.7 on 1st November 2022.

Threat Actors launch a campaign to exploit vulnerability in Fortinet

WHAT YOU SHOULD KNOW: Patch OpenSSL 3.x