Skip to main content

Sophos Firewall Remote Code Execution Vulnerability

Last Update Date: 27 Sep 2022 Release Date: 26 Sep 2022 6401 Views

RISK: Extremely High Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

A vulnerability has been identified in Sophos Firewall. A remote user can exploit this vulnerability to trigger remote code execution on the targeted system.

 

Note: Sophos stated that the vulnerability CVE-2022-3236 within the Sophos Firewall firmware was used to target a small subset of organisations.


Impact

  • Remote Code Execution

System / Technologies affected

  • Sophos Firewall version prior to v19.0 MR1 (19.0.1)

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce

 

Note: There is no action required for Sophos Firewall customers with the "Allow automatic installation of hotfixes" feature enabled. Enabled is the default setting.


Vulnerability Identifier


Source


Related Link