FREAK - CVE-2015-0204

A vulnerability (CVE-2015-0204) named "FREAK" (Factoring RSA EXPORT Keys) has been discovered which can facilitate a man-in-the-middle attack and force a browser to export a weak 512-bit key, which can be factored in just a few hours. 

KEMP has determined that all LoadMasters running version 7.1-24b are not affected by FREAK as the underlying OpenSSL version (1.0.1k) is not affected. All LoadMasters running version 7.0-10h are also not affected, because no SGC ciphers are included in the set of hardcoded cipher suites implemented.

To obtain firmware downloads please click here


For further information on this vulnerability please see


KEMP is committed to resolving security vulnerabilities carefully and quickly.  If you think you have found a security flaw in a KEMP product, please send all supporting information to

Was this article helpful?

0 out of 0 found this helpful



OpenSSL released new version as 1.0.1m, this is for mitigate some vulnerabilities related to the ASN1 interface.
Are these vulnerabilities affect to the current version of LoadMaster?