SA-2025-116 - OpenSSL OOB Read Write Flaw (CVE-202... - Extreme Networks

Summary

Out-of-bounds read/write flaw in OpenSSL’s RFC 3211 KEK unwrap function, affecting CMS decryption with password-based encryption. Malicious inputs could trigger denial of service or, in rare cases, code execution.

Products not listed in the Impact Details section have not been evaluated. Furthermore, products that have exceeded any software maintenance time periods are also not evaluated and will not be published. Please consult End of Sale and End of Service Life - Extreme Networks for the EOL notices related to the product under question.

Products Potentially Affected

OS/Product	Exposure
ExtremeAnalytics for Site Engine	Yes
ExtremeCloud IQ - Site Engine (XIQ-SE)	Yes
ExtremeControl for Site Engine	Yes

Repair Recommendations

ExtremeAnalytics for Site Engine:
- Fixed in 25.11.10 or later.

ExtremeCloud IQ - Site Engine (XIQ-SE):
- Fixed in 25.11.10 or later.

ExtremeControl for Site Engine:
- Fixed in 25.11.10 or later.

Please see the full Security Advisory article here for more details and future updates.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Extreme Networks

SA-2025-116 - OpenSSL OOB Read Write Flaw (CVE-2025-9230)

SA-2023-047 - Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues (Leaking fr

SA-2023-107 - libcurl cookie injection with none file (CVE-2023-38546)

SA-2023-106 - SOCKS5 heap buffer overflow (CVE-2023-38545)