ProxySG & Advanced Secure Gateway

 CVE-2023-51767: OpenSSH Authentication Bypass Vulnerability

ProxyAdmin TRG posted Aug 15, 2024 08:07 AM

Hi Team,

I would like to know whether the device below has been affected by CVE-2023-51767.

ProxySG S200-10 running on SGOS 6.7.3.12 firmware version.

If it's affected, kindly mention the mitigation steps to overcome this vulnerability.

Also suggest the fixed version.

Thank you.

Broadcom Employee Serhii Pryshchepa

Hi,

Exploiting this would require direct access to the appliance with the ability to execute arbitrary commands to run signal handlers or launch processes in order to trigger bit flipping in DRAM. None of this is possible on SGOS since the SG does not have any CLI interface that allows direct access (i.e., bash). This is also really a hardware exploit that is not possible with SGOS.