Impact of CVE-2023-48795 on Endpoint Detection and Response


Article ID: 399529


Products

Endpoint Detection and Response

Issue/Introduction

During a Vulnerability Assessment and Penetration Testing (VPAT) exercise on Symantec Endpoint Detection and Response (SEDR), OpenSSH CBC-mode ciphers vulnerable to the Terrapin attack (CVE-2023-48795) are found to be enabled.

Environment

Symantec EDR 4.10 and below

Resolution

Upgrade to SEDR 4.11, which does not use these deprecated OpenSSH crypto suites.

For SEDR 4.10, Hotfix3 has been released to address this and can be installed as follows:

1. To check that the patch is available:
patch list -v atp-patch3-4.10.0-1

It should return:

Patch Information: 

Name         : atp-patch3
Version      : 4.10.0
Release      : 1
Architecture : x86_64
Size         : 12 k
Source       : atp-patch3-4.10.0-1.src.rpm
Repository   : patch-rpm-release
Summary      : OpenSSH server hardening
URL          : http://www.broadcom.com
License      : Proprietary
Description  : OpenSSH server config hardening.

Function: main returned success

2. To download the patch:
patch download atp-patch3-4.10.0-1

3. To install:
patch install atp-patch3-4.10.0-1
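
To confirm the hardening took effect after the upgrade or hotfix, the algorithms an SSH server offers can be read from its unencrypted SSH_MSG_KEXINIT message. The following is an added example, not Broadcom's code or part of the original article: it parses a KEXINIT payload and reports the offers relevant to CVE-2023-48795, going beyond the CBC ciphers named above to also report EtM MACs, ChaCha20-Poly1305 and the server's strict key exchange marker. The function names and both sample payloads are constructed for illustration and are not SEDR output.

```python
import struct

# Order of the ten name-lists in SSH_MSG_KEXINIT (RFC 4253, section 7.1).
FIELDS = ("kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")
STRICT_KEX = "kex-strict-s-v00@openssh.com"  # server-side strict KEX marker


def parse_kexinit(payload: bytes) -> dict:
    """Parse an unencrypted SSH_MSG_KEXINIT payload into named algorithm lists."""
    if len(payload) < 17 or payload[0] != 20:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    pos, lists = 17, {}  # skip message type (1 byte) and cookie (16 bytes)
    for name in FIELDS:
        (n,) = struct.unpack_from(">I", payload, pos)  # struct.error if cut short
        raw = payload[pos + 4:pos + 4 + n]
        if len(raw) != n:
            raise ValueError("truncated name-list")
        lists[name] = raw.decode("ascii").split(",") if raw else []
        pos += 4 + n
    return lists


def terrapin_findings(lists: dict) -> dict:
    """Report the algorithm offers relevant to CVE-2023-48795."""
    enc = set(lists["enc_c2s"]) | set(lists["enc_s2c"])
    mac = set(lists["mac_c2s"]) | set(lists["mac_s2c"])
    return {
        "cbc_ciphers": sorted(a for a in enc if a.endswith("-cbc")),
        "etm_macs": sorted(a for a in mac if a.endswith("-etm@openssh.com")),
        "chacha20_poly1305": "chacha20-poly1305@openssh.com" in enc,
        "strict_kex": STRICT_KEX in lists["kex"],
    }


def build_kexinit(lists: dict) -> bytes:
    """Build a constructed KEXINIT payload (sample input, not a capture)."""
    body = b"".join(struct.pack(">I", len(s)) + s for s in
                    (",".join(lists.get(f, [])).encode() for f in FIELDS))
    return b"\x14" + bytes(16) + body + b"\x00" + bytes(4)


# Constructed samples: an unhardened offer and a hardened one.
BEFORE = build_kexinit({"kex": ["curve25519-sha256"],
    "enc_c2s": ["aes128-ctr", "aes128-cbc"], "enc_s2c": ["aes128-ctr", "aes256-cbc"],
    "mac_c2s": ["hmac-sha2-256-etm@openssh.com"], "mac_s2c": ["hmac-sha2-256"]})
AFTER = build_kexinit({"kex": ["curve25519-sha256", STRICT_KEX],
    "enc_c2s": ["aes128-ctr"], "enc_s2c": ["aes128-ctr"],
    "mac_c2s": ["hmac-sha2-256"], "mac_s2c": ["hmac-sha2-256"]})
```

A scan finding for this CVE should clear once `cbc_ciphers` comes back empty for the server's real KEXINIT payload.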