The following security-related issues are resolved in Synergis™ Softwire 12.0.0.
Highest severity of resolved issues: High
To learn about the different severity levels of security vulnerabilities, see What are security updates?
| Issue | Severity | Description |
|---|---|---|
| 4501566 | High | Fixed logging issue that could lead to disclosure of secrets used by the downstream controller. |
| 4355974 | High | Fixed an issue in the session termination in the Synergis Appliance Portal to mitigate security vulnerability CVE-2026-25777. |
| 4273032 | High | Fixed information disclosure logging issue related to downstream controllers. |
| 4616878 | Medium | Fixed a potential information disclosure and tampering vulnerability in the REST API. |
| 4502520 | Medium | Removed an information disclosure issue in the REST API and Synergis Appliance Portal. |
| 4500176 | Medium | Fixed logging issue that could lead to disclosure of sensitive information from the Cloud Agent. |
| 4470604 | Medium | Updated OpenSSL to 3.4.1 to mitigate potential vulnerabilities. |
| 4470470 | Medium | Updated 7zip in the installer to address multiple CVEs. |
| 4369356 | Medium | Enhanced the security of STid SSCP V1 communications. |
| 4208222 | Medium | Added more robust authenticity validation on connections with certain downstream devices. |
| 4066411 | Low | Restricted information available by enforcing authentication on multiple additional endpoints. |