Has this been addressed in 19.0 MR2 or 19.5 MR1? Didn't find it in the Release Notes regarding IPsec.
It is unlikely that SFOS is affected by this new vulnerability.
Linux strongSwan U5.5.3/K4.14.277
Version used in SFOS.
strongSwan stated that the affected versions are the last two versions: https://www.strongswan.org/blog/2023/03/02/strongswan-vulnerability-(cve-2023-26463).html
Regardless, you should create a support case.
__________________________________________________________________________________________________________________
Our version is 5.6.3.
The CVE below mentions the affected version as 5.9, so we are not affected by this.
strongSwan Vulnerability (CVE-2023-26463)
Mar 02, 2023
A vulnerability related to certificate verification in TLS-based EAP methods was discovered in strongSwan that results in a denial of service but possibly even remote code execution. Versions 5.9.8 and 5.9.9 may be affected.