
Critical Sophos Security Bug Allows RCE on Firewalls
2022-03-28 17:33

Cybersecurity stalwart Sophos has patched a critical vulnerability in its firewall product that could allow remote code execution.

The flaw, tracked as CVE-2022-1040, is an authentication-bypass vulnerability in the User Portal and Webadmin interfaces of the Sophos Firewall; it affects version v18.5 MR3 and older, and a remote attacker who bypasses authentication can go on to execute code on the device.

Sophos did not provide technical details or a CVSS score for the bug, but listed it as "Critical." (The vulnerability entry further down this page carries a CVSS score of 9.8, with a network attack vector and low attack complexity.)

"Customers can protect themselves from external attackers by ensuring their User Portal and Webadmin are not exposed to WAN," according to Sophos.

"Disable WAN access to the User Portal and Webadmin by following device access best practices and instead use VPN and/or Sophos Central for remote access and management."
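The mitigation above is only effective if the two interfaces really do stop answering on the WAN side, so it is worth verifying from outside rather than trusting the rule set. The following script is an added example for that check; it is not Sophos's code or part of the advisory. It assumes the Sophos Firewall default ports of tcp/4444 for Webadmin and tcp/443 for the User Portal (change them if your deployment uses others), must be run from a host outside the firewall so the probe arrives on the WAN interface, and uses a placeholder TEST-NET address when no target is given.

```python
"""Probe a firewall's WAN address for exposed Webadmin / User Portal listeners.

Added example, not from the advisory or from Sophos. Run from a host OUTSIDE
the firewall (cloud VM, phone hotspot) so the connection arrives on the WAN
interface. Port numbers are assumptions: Sophos Firewall defaults of 4444
(Webadmin) and 443 (User Portal); adjust them if they were changed.
"""
import socket
from dataclasses import dataclass

# Assumed default listening ports; not stated on the page.
ADMIN_SERVICES = {
    4444: "Webadmin",
    443: "User Portal",
}


@dataclass(frozen=True)
class ProbeResult:
    port: int
    service: str
    reachable: bool
    detail: str


def probe_tcp(host: str, port: int, timeout: float = 3.0) -> tuple[bool, str]:
    """Attempt a TCP connect and report (reachable, reason).

    A completed three-way handshake is the failure condition here: the
    mitigation requires these services to be unreachable from WAN entirely,
    regardless of whether the login page behind them is patched.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True, "TCP connect succeeded"
    except socket.timeout:
        return False, "timed out (filtered or dropped)"
    except ConnectionRefusedError:
        return False, "connection refused (closed)"
    except OSError as exc:
        return False, f"error: {exc.strerror or exc}"


def check_wan_exposure(host: str, services=None, timeout: float = 3.0) -> list[ProbeResult]:
    """Probe every admin service on `host`, lowest port first."""
    services = services or ADMIN_SERVICES
    return [
        ProbeResult(port, name, *probe_tcp(host, port, timeout))
        for port, name in sorted(services.items())
    ]


def exposed_services(results) -> list[str]:
    """Names of the services that answered, i.e. the ones still exposed to WAN."""
    return [r.service for r in results if r.reachable]


if __name__ == "__main__":
    import sys

    # 192.0.2.1 is a TEST-NET-1 placeholder, not a real firewall address.
    target = sys.argv[1] if len(sys.argv) > 1 else "192.0.2.1"
    results = check_wan_exposure(target)
    for r in results:
        status = "EXPOSED" if r.reachable else "not reachable"
        print(f"{r.service:11} tcp/{r.port:<5} {status:14} ({r.detail})")
    exposed = exposed_services(results)
    if exposed:
        print(
            f"\nACTION: {', '.join(exposed)} reachable from WAN; remove WAN from the "
            "allowed zones in the firewall's device access settings and use VPN "
            "or Sophos Central for remote management instead."
        )
        sys.exit(1)
    print("\nOK: no admin interface answered on the WAN address.")
```

Run it as `python3 wan_exposure.py <firewall-wan-ip>` from an external vantage point; a non-zero exit means at least one of the interfaces still completes a TCP handshake from the internet. A timeout is the expected result once the device access rules exclude the WAN zone, since the firewall drops rather than rejects the packets.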

An unnamed independent researcher was credited with reporting the flaw through Sophos' bug bounty program.


News URL

https://threatpost.com/critical-sophos-security-bug-rce-firewalls/179127/

Related Vulnerability

DATE         CVE             VULNERABILITY TITLE                         RISK
2022-03-25   CVE-2022-1040   Unspecified vulnerability in Sophos Sfos    critical (CVSS 9.8)

Description: An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
Attack vector: network. Attack complexity: low. Vendor: Sophos. Severity: critical. Score: 9.8.

Related vendor

VENDOR   LAST 12M   #/PRODUCTS   LOW   MEDIUM   HIGH   CRITICAL   TOTAL VULNS
Sophos   70 (one of these two columns is absent from the page)   11   77   42   22   152

The severity columns sum to the total (11 + 77 + 42 + 22 = 152); the page gives only one value, 70, for the LAST 12M and #/PRODUCTS columns, so which of the two it belongs to cannot be determined from the page.