Vulnerabilities > Sophos > Intercept X Endpoint

DATE CVE VULNERABILITY TITLE RISK
2021-11-26 CVE-2021-25269 Unquoted Search Path or Element vulnerability in Sophos products
A local administrator could prevent the HMPA service from starting despite tamper protection using an unquoted service path vulnerability in the HMPA component of Sophos Intercept X Advanced and Sophos Intercept X Advanced for Server before version 2.0.23, as well as Sophos Exploit Prevention before version 3.8.3.
local
low complexity
sophos CWE-428
2.1
2020-02-24 CVE-2020-9363 Interpretation Conflict vulnerability in Sophos products
The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive.
network
sophos CWE-436
6.8