Security News > 2022 > March > Sophos fixes critical hijack flaw in firewall offering

Sophos has patched a remote code execution vulnerability in its firewall gear that was disclosed via its bug-bounty program.

The flaw is present in the User Portal and Webadmin user interfaces of Sophos Firewall.

The vulnerable versions are Sophos Firewall v18.5 MR3 and older.

Sophos also offered a workaround, saying organizations can further protect themselves against outside attackers by ensuring the User Portal and Webadmin are not exposed to the WAN. If you're running a supported version of Sophos Firewall, you can check to make sure you the latest hotfixes for v17.0 MR10 EAL4+, v17.5 MR16 and MR17, v18.0 MR5(-1) and MR6, v18.5 MR1 and MR2, and v19.0 EAP. There are also hotfixes for some unsupported EOL versions, and if there is no hotfix available for your installation, you'll have to upgrade your software to get protected.

Sophos runs its bug bounty program through Bugcrowd, a crowd-sourced security platform.

The Sophos program offers rewards of $100 to $20,000 per vulnerability found.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/03/28/sophos-firewall-rce-vulnerability/