16 advisories tracked · Sophos (security-alert@sophos.com CNA) via NVD · checked automatically every minute
Pick your product and enter the exact software release it runs. We match it against the affected/fixed versions in Sophos's recent advisories.
Sophos (security-alert@sophos.com CNA) via NVD
Sophos is its own CVE Numbering Authority. VulniPulse ingests Sophos's CVEs from the NVD CNA feed (security-alert@sophos.com), each linking to its sophos.com advisory. Covers Sophos Firewall (XG/XGS, SFOS), Intercept X / Sophos Central endpoint, Sophos UTM, Sophos Mobile, Sophos Connect VPN and the Web/Email appliances — its firewalls are a repeated mass-exploitation target (the 'Pacific Rim' campaign), so an MSP-heavy, alert-hungry community.
Visit Sophos security advisoriesA post-auth SQL injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR1 (21.0.1) can potentially lead to administrators achieving arbitrary code execution.
A reflected XSS vulnerability allows an open redirect when the victim clicks a malicious link to an error page on Sophos Email Appliance older than version 4.5.3.4.
A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that must be manually submitted by the victim while logged in to SWA.
An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90.
A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90.
A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall releases older than version 19.5 GA.
A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5 GA.
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 19.0 GA.
An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older.
A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client.
A local administrator could prevent the HMPA service from starting despite tamper protection using an unquoted service path vulnerability in the HMPA component of Sophos Intercept X Advanced and Sophos Intercept X Advanced for Server before version 2.0.23, as well as Sophos Exploit Prevention before version 3.8.3.
A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115.
A local attacker could read or write arbitrary files with administrator privileges in HitmanPro before version Build 318.
A local attacker could execute arbitrary code with administrator privileges in HitmanPro.Alert before version Build 901.
Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706.
In multiple versions of Sophos Endpoint products for MacOS, a local attacker could execute arbitrary code with administrator privileges.