Sophos Firewall – TheCyberThrone

Sophos fixes Triple Critical Vulnerabilities in its Firewall

Sophos released patches for three critical security vulnerabilities in their widely-used network security tool, Sophos Firewall that posed significant risks, including remote code execution and privilege escalation. CVE-2024-12727: Pre-Authentication SQL…

PravinKarthik December 20, 2024

Sophos Released Hotfixes for CVE-2022-3236

A critical vulnerability in the Sophos Firewall User Portal and Webadmin, allowing hackers to execute malicious code remotely. The vulnerability tracked CVE-2022-3236 with a CVSS score of 9.8, enables attackers…

PravinKarthik December 14, 2023

Sophos Firewall Information Disclosure Vulnerability – CVE-2023-5552

Researchers have discovered a vulnerability in the Sophos Firewall that could leads to a sensitive information disclosure. The vulnerability tracked as CVE-2023-5552 with a CVSS score of 7.1, identified in…

PravinKarthik October 23, 2023

Sophos Firewall and SG UTM affected by recently identified Exim Vulnerability

A critical vulnerability has been discovered in the Exim mailer software, which is widely used in Sophos Firewall and SG UTM products. The vulnerability tracked as CVE-2023-42118, could allow a…

PravinKarthik October 9, 2023

Sophos Addresses High severity security flaws

Sophos has released patches to address vulnerabilities in Sophos Firewall version 19.5, including arbitrary code execution bugs. The most severe issue addressed is a critical code injection vulnerability tracked as…

PravinKarthik December 9, 2022

Sophos fixes RCE in its Firewall product

Sophos has patched an actively exploited RCE vulnerability tracked as CVE-2022-3236 in its Firewall products. Also it communicated to the organization directly about the vulnerability. CVE-2022-3236 is a code injection…

PravinKarthik September 26, 2022

DriftingCloud APT Exploits Sophos Vulnerability

A sophisticated Chinese APT caught exploiting a Sophos firewall zero-day to plant backdoors and launch MiTM attacks. The Sophos firewall vulnerability tracked as CVE-2022-1040 was patched in March this year…

PravinKarthik June 19, 2022

Sophos Patches Critical Flaws in its firewall

Sophos has patched a crucial vulnerability in its Sophos Firewall product that enables distant code execution (RCE). Tracked as CVE-2022-1040 with CVSS score of 9.8, the authentication bypass vulnerability exists within the Consumer Portal…

PravinKarthik March 28, 2022