New SSH vulnerabili...
Clear all

New SSH vulnerability: CVE-2023-48795

0 Posts
2 Users
0 Reactions
Trusted Member
Joined: 10 years ago
Posts: 46
Topic starter  

I do not know if Absolute Telnet is impacted by this. I'm just passing the info along as I've been getting news alerts about it.

[url= ]CVE Record | CVE[/url]

[url= ]NVD - CVE-2023-48795[/url]

Member Admin
Joined: 6 months ago
Posts: 1398

I'm looking into it. This is a fairly recent development.

Best practice recommendation is to disable vulnerable algorithms.... ETM macs (options/properties/connection/ssh2/encryption), cbc mode encryptions (same page) as well as ChaCha20-Poly1305 (but Absolute doesn't even implement that)

To disable an algorithm, select it and re-order it below the 'algorithms below this line are disabled' line.

There will likely be a new version coming out to address this specifically. OpenSSH has introduced a feature called "strict key exchange" which is rapidly becoming the de-facto solution for this.

Stay tuned....


Member Admin
Joined: 6 months ago
Posts: 1398

Update have been made that address the Terrapin vulnerability.

See here for details:

Go here to download Absolute 12.11 or higher: