4 advisories tracked · Sophos (security-alert@sophos.com CNA) via NVD · checked automatically every minute
Pick your product and enter the exact software release it runs. We match it against the affected/fixed versions in Sophos's recent advisories.
Sophos (security-alert@sophos.com CNA) via NVD
Sophos is its own CVE Numbering Authority. VulniPulse ingests Sophos's CVEs from the NVD CNA feed (security-alert@sophos.com), each linking to its sophos.com advisory. Covers Sophos Firewall (XG/XGS, SFOS), Intercept X / Sophos Central endpoint, Sophos UTM, Sophos Mobile, Sophos Connect VPN and the Web/Email appliances — its firewalls are a repeated mass-exploitation target (the 'Pacific Rim' campaign), so an MSP-heavy, alert-hungry community.
Visit Sophos security advisoriesA local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2025.1 and older allows arbitrary code execution.
A local privilege escalation vulnerability in the Intercept X for Windows installer prior version 1.22 can lead to a local user gaining system level privileges, if the installer is run as SYSTEM.
A vulnerability related to registry permissions in the Intercept X for Windows updater prior to Core Agent version 2024.3.2 can lead to a local user gaining SYSTEM level privileges during a product upgrade.
A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files.