Is SPE impacted by CVE-2025-68161
search cancel

Is SPE impacted by CVE-2025-68161

book

Article ID: 426458

calendar_today

Updated On:

Products

Protection Engine for Cloud Services Protection Engine for NAS

Issue/Introduction

You request to know if Symantec Protection Engine (SPE) is impacted by CVE-2025-68161.

Environment

SPE 9.x

Resolution

SPE does not utilize the socket appender component (the vulnerable component in this CVE) and is therefore not impacted by CVE-2025-68161.  Additionally the log4j2 version will be updated to 2.25.3, which is not impacted by CVE-2025-68161, in a future version of SPE.

Powered by Wolken Software