Security News > 2022 > March > Critical Sophos Firewall vulnerability allows remote code execution

Critical Sophos Firewall vulnerability allows remote code execution
2022-03-27 12:03

Sophos has fixed a critical vulnerability in its Sophos Firewall product that allows remote code execution.

Tracked as CVE-2022-1040, the authentication bypass vulnerability exists in the User Portal and Webadmin areas of Sophos Firewall.

On Friday, Sophos disclosed a critical remote code execution vulnerability impacting Sophos Firewall versions 18.5 MR3 and earlier that the company released hotfixes for.

"There is no action required for Sophos Firewall customers with the 'Allow automatic installation of hotfixes' feature enabled. Enabled is the default setting," explains Sophos in its security advisory.

It remains crucial to ensure your Sophos Firewall instances are receiving the latest security patches and hotfixes timely, given that attackers have targeted vulnerable Sophos Firewall instances in the past.

In early 2020, Sophos fixed a zero-day SQL injection vulnerability in its XG Firewall following reports that hackers were actively exploiting it in attacks.


News URL

https://www.bleepingcomputer.com/news/security/critical-sophos-firewall-vulnerability-allows-remote-code-execution/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-03-25 CVE-2022-1040 Unspecified vulnerability in Sophos Sfos
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
network
low complexity
sophos
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Sophos 70 11 77 42 22 152