Back to all security reports

DROWN OpenSSL Vulnerability

On March 1st, 2016, a potential vulnerability (CVE-2016-0800) nicknamed DROWN was disclosed in OpenSSL regarding the support for SSLv2. This vulnerability mostly affects secure web sites (HTTPS).

Are the eWON products and the Talk2M platform affected by DROWN?

  • The Talk2M Web servers (including M2Web and the Access Server) are not affected by this vulnerability (Support for SSLv2 has been disabled for several years). However, servers have been patched for maximum security.
  • The Talk2M VPN servers are not affected by this vulnerability.
  • eWON products (whether CD, Cosy or Flexy) are not affected.