What is the severity of CVE-2017-17023?

The severity of CVE-2017-17023 is critical with a CVSS score of 8.1.

What software is affected by CVE-2017-17023?

The affected software is Sophos IPSec Client 11.04 and NCP Secure Entry Client 10.11 r32792.

What is the vulnerability in the VPN client?

The vulnerability in the VPN client is related to the software update feature.

How can I fix CVE-2017-17023?

To fix CVE-2017-17023, update the affected software to the latest version provided by the vendor.

Where can I find more information about CVE-2017-17023?

More information about CVE-2017-17023 can be found at the following references: [Reference 1](https://www.ncp-e.com/en/resources/download-vpn-client/#c8680) and [Reference 2](https://www.ncp-e.com/fileadmin/pdf/service_support/release_notes/NCP_Secure_Clients/NCP_Secure_Entry_Client/NCP_RN_Win_Secure_Entry_Client_11_14_r42039_en.pdf).

Vulnerability/
CVE-2017-17023

critical

9.3

CWE

345

9/4/2019

3/10/2019

CVE-2017-17023

First published: Tue Apr 09 2019(Updated: )

The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering (www.ncp-e.com). The affected client software, "Sophos IPSec Client" 11.04 is a rebranded version of NCP "Secure Entry Client" 10.11 r32792. A vulnerability in the software update feature of the VPN client allows a man-in-the-middle (MITM) or man-on-the-side (MOTS) attacker to execute arbitrary, malicious software on a target user's computer. This is related to SIC_V11.04-64.exe (Sophos), NCP_EntryCl_Windows_x86_1004_31799.exe (NCP), and ncpmon.exe (both Sophos and NCP). The vulnerability exists because: (1) the VPN client requests update metadata over an insecure HTTP connection; and (2) the client software does not check if the software update is signed before running it.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Ncp-e Ncp Secure Entry Client	=10.11-32792
Sophos IPSec Client	=11.04

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-17023?
The severity of CVE-2017-17023 is critical with a CVSS score of 8.1.
What software is affected by CVE-2017-17023?
The affected software is Sophos IPSec Client 11.04 and NCP Secure Entry Client 10.11 r32792.
What is the vulnerability in the VPN client?
The vulnerability in the VPN client is related to the software update feature.
How can I fix CVE-2017-17023?
To fix CVE-2017-17023, update the affected software to the latest version provided by the vendor.
Where can I find more information about CVE-2017-17023?
More information about CVE-2017-17023 can be found at the following references: [Reference 1](https://www.ncp-e.com/en/resources/download-vpn-client/#c8680) and [Reference 2](https://www.ncp-e.com/fileadmin/pdf/service_support/release_notes/NCP_Secure_Clients/NCP_Secure_Entry_Client/NCP_RN_Win_Secure_Entry_Client_11_14_r42039_en.pdf).

collector/nvd-index
vendor/ncp-e
product/ncp secure entry client
canonical/ncp-e ncp secure entry client
vendor/sophos
product/ipsec client
canonical/sophos ipsec client

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.