What are downgrade attacks?

In software security, downgrade attacks are network attacks that force victims to use older, more vulnerable versions of software in order to exploit known vulnerabilities against them.

This has been especially dangerous in TLS clients supporting both modern and earlier versions of TLS, the latter being vulnerable to known network attacks. You can find more information about the imperfections of older TLS versions in our TLS 1.0 deprecation article.