Syncro - splashtop integration causing open SSL vulnerability - #CVE-2023-4807
On January 17, 2024, an outdated version of OpenSSL was found within the Splashtop software used for remote connections, which contains known vulnerabilities. These vulnerabilities were located in specific files that handle encryption within Splashtop Remote Server on Windows computers. The vulnerabilities, CVE-2023-4807 and CVE-2023-5363, were discovered in version 3.0.8.0 of OpenSSL. The user inquiring sought an update to the newer version of OpenSSL in order to fix these vulnerabilities and strengthen security. Updating OpenSSL would mitigate the vulnerabilities that were found from using the outdated version.