Security update Dualog Connection Suite, December 2020

Some attention has been raised lately regarding vulnerabilities in Dualog Connection Suite. This attention is based on findings from the company PenTestPartners (PTP) who have on one occasion tested Dualog Connection Suite version 2.39. 

PTP has, per best practices, reported five specific vulnerabilities. In this section, you can find a listing of all the Common Vulnerabilities and Exposures (CVEs) with more detail on each particular vulnerability and their fixes or workarounds. 

In summary, Dualog has created fixes for all but one of the CVE's in Dualog Connection Suite release 3.0. We, therefore, encourage all customers to upgrade to the latest version of Connection Suite. You can find the latest installers here.

If you have any questions regarding security or the CVE's in particular, please contact your primary contact in Dualog or send your question to our CISO, Geir Inge Jensen. 

If you are a security professional, you can find additional information in our Vulnerability Disclosure Program on our website or by sending an email to security@dualog.com.

Export article
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.