| Risk | Severity | |------|----------| | Unpatched remote code execution (CVE-2023-XXXX after EOL) | Critical | | No TLS 1.3 support → fails with modern email servers (Outlook) | High | | No MFA or modern auth → requires App Passwords | High | | GDPR/SOX non-compliance due to lack of updates | Medium–High |