Are NetBotz appliances vulnerable to the "Freak" exploit (CVE-2015-0204)?

Published date: 28 July 2020

Product Line:
NetBotz v3 Wall Appliance: 355/356 (NBWL0355/6) & 455/456 (NBWL0455/6)
NetBotz v3 Rack Appliance: 450/451 (NBRK0450/1), 550 (NBRK0550), & 570 (NBRK0570)

NetBotz version 2 and 3

Severity: Low

An OpenSSL client will accept the use of an RSA temporary key in a non-export RSA key exchange ciphersuite. A server could present a weak temporary key and downgrade the security of the session.


For FREAK to be exploited, all of the following are needed:

A broken or old browser
A server that supports EXPORT algorithms
A successful man-in-the-middle attack

We recommend that customers check their browser versions and make sure they are running versions that are not affected. Without an affected browser, this attack is not possible. The browser should not have a buggy TLS library and should not accept EXPORT algorithms (or other weak ciphers).

On the server side, this issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.

OpenSSL 1.0.1 users should upgrade to 1.0.1k.
OpenSSL 1.0.0 users should upgrade to 1.0.0p.
OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
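
The upgrade targets above, turned into a check over collected `openssl version` strings. This is an added example, not code from the vendor or from OpenSSL; the host names and sample strings are constructed, and branches this FAQ does not list are reported as "not-listed" rather than guessed.

```python
import re

# Fixed patch letter per branch, taken from the upgrade list in this FAQ.
FIXED = {"1.0.1": "k", "1.0.0": "p", "0.9.8": "zd"}

# Branch number followed by the optional patch letters, e.g. "0.9.8" + "zd".
# Anything after the letters ("-fips", a build date) is ignored.
_VERSION_RE = re.compile(r"(\d+\.\d+\.\d+)([a-z]*)")


def freak_status(version_string):
    """Classify one `openssl version` string against the fixed releases."""
    match = _VERSION_RE.search(version_string)
    if not match:
        return "unparsed"
    branch, letters = match.groups()
    fixed = FIXED.get(branch)
    if fixed is None:
        return "not-listed"  # branch not covered by this FAQ
    # Patch letters run a..z, then za, zb, ...; plain string comparison
    # orders that sequence correctly, with "" (no letter) sorting first.
    return "fixed" if letters >= fixed else "vulnerable"


def audit(inventory):
    """Map each host to its status, given {host: version_string}."""
    return {host: freak_status(ver) for host, ver in inventory.items()}


# Constructed sample inventory (hypothetical host names).
SAMPLE = {
    "mgmt-01": "OpenSSL 1.0.1e-fips",
    "mgmt-02": "OpenSSL 1.0.1k",
    "legacy-01": "OpenSSL 0.9.8zc",
    "legacy-02": "OpenSSL 0.9.8zd",
    "app-01": "OpenSSL 1.0.0p",
    "app-02": "OpenSSL 1.0.2a",
}

if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE).items()):
        print(f"{host:10} {status}")
```

Distribution packages often backport fixes without changing the patch letter, so a "vulnerable" result on a vendor-built package is a prompt to check that package's changelog.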

Version 3 NetBotz will be updated with the newer version of OpenSSL to resolve this issue in version 4.5 of the NetBotz (Botzware) firmware.
Version 2 NetBotz will not be updated.

Please contact NetBotz technical support in your region if you have further questions.