Security News > 2022 > March > Critical Sophos Firewall vulnerability allows remote code execution
Sophos has fixed a critical vulnerability in its Sophos Firewall product that allows remote code execution.
Tracked as CVE-2022-1040, the authentication bypass vulnerability exists in the User Portal and Webadmin areas of Sophos Firewall.
On Friday, Sophos disclosed a critical remote code execution vulnerability impacting Sophos Firewall versions 18.5 MR3 and earlier that the company released hotfixes for.
"There is no action required for Sophos Firewall customers with the 'Allow automatic installation of hotfixes' feature enabled. Enabled is the default setting," explains Sophos in its security advisory.
It remains crucial to ensure your Sophos Firewall instances are receiving the latest security patches and hotfixes timely, given that attackers have targeted vulnerable Sophos Firewall instances in the past.
In early 2020, Sophos fixed a zero-day SQL injection vulnerability in its XG Firewall following reports that hackers were actively exploiting it in attacks.
News URL
Related news
- Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution (source)
- Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk (source)
- Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications (source)
- GitLab warns of critical pipeline execution vulnerability (source)
- Google Fixes GCP Composer Flaw That Could've Led to Remote Code Execution (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)
- Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks (source)
- CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns (source)
- PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) (source)
- That doomsday critical Linux bug: It's CUPS. Could lead to remote hijacking of devices (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-25 | CVE-2022-1040 | Unspecified vulnerability in Sophos Sfos An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older. | 9.8 |