vulnerability
SonicWall Email Security: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:N/I:C/A:N) | Jan 16, 2024 | Sep 22, 2025 | Sep 22, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:C/A:N)
Published
Jan 16, 2024
Added
Sep 22, 2025
Modified
Sep 22, 2025
Description
On December 18th, 2023, researchers from the Ruhr University Bochum published a protocol flaw in the SSH v2 protocol, called Terrapin Attack. The flaw allows removing encrypted SSH messages at the begin of the communication, allowing downgrade of security aspects of SSH connections. This occurs because the SSH Binary Packet Protocol (BPP), mishandles the handshake phase, and mishandles use of sequence numbers. To carry out the Terrapin attack, a threat actor must be capable of performing a man-in-the-middle (MITM) attack at the network layer. Another precondition is that the connection must be secured by either ChaCha20-Poly1305 or CBC with Encrypt-then-MAC.
Solution
sonicwall-email-security-upgrade-latest
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.