Security News > 2022 > March > Critical Sophos Firewall vulnerability allows remote code execution
Sophos has fixed a critical vulnerability in its Sophos Firewall product that allows remote code execution.
Tracked as CVE-2022-1040, the authentication bypass vulnerability exists in the User Portal and Webadmin areas of Sophos Firewall.
On Friday, Sophos disclosed a critical remote code execution vulnerability impacting Sophos Firewall versions 18.5 MR3 and earlier that the company released hotfixes for.
"There is no action required for Sophos Firewall customers with the 'Allow automatic installation of hotfixes' feature enabled. Enabled is the default setting," explains Sophos in its security advisory.
It remains crucial to ensure your Sophos Firewall instances are receiving the latest security patches and hotfixes timely, given that attackers have targeted vulnerable Sophos Firewall instances in the past.
In early 2020, Sophos fixed a zero-day SQL injection vulnerability in its XG Firewall following reports that hackers were actively exploiting it in attacks.
News URL
Related news
- Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution (source)
- New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking (source)
- New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution (source)
- Critical flaws in Mongoose library expose MongoDB to data thieves, code execution (source)
- Wallbleed vulnerability unearths secrets of China's Great Firewall 125 bytes at a time (source)
- Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- IBM scores perfect 10 ... vulnerability in mission-critical OS AIX (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- WordPress security plugin WP Ghost vulnerable to remote code execution bug (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-25 | CVE-2022-1040 | Unspecified vulnerability in Sophos Sfos An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older. | 9.8 |