You see this notification on the Trend Micro Home Network Security app:
Why did this happen?
A device vulnerable to an SSL-Poodle attack is detected in your home network.
What are the possible risks?
This vulnerability allows man-in-the-middle attackers to break network encryption and to intercept, relay, and possibly alter communications between users and devices.
The attacker can read, steal sensitive information (e.g., passwords, financial data, credit card numbers, emails, instant messages, and documents), and can impersonate, intercept or change the content of trusted websites.
This is a HTTPS cryptographic vulnerability, and attackers may be able to decrypt encrypted cipher-text data.
What should I do next?
Make sure your router is updated to its latest device firmware.
Here are some devices that released firmware update:
- (HP Issues Fix for HP Printers) OpenSSL SSL 3.0 Protocol Downgrade Flaw Lets Remote Users Decrypt SSL Traffic
- SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
What if I have more questions?
Check out these articles: