CVE-2021-25264
First published: Mon May 17 2021(Updated: )
In multiple versions of Sophos Endpoint products for MacOS, a local attacker could execute arbitrary code with administrator privileges.
Credit: security-alert@sophos.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sophos Home | <=10.0.3 | |
| Sophos Intercept X | <=9.10.1 | |
| Sophos Intercept X | <=10.0.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2021-25264.
What is the severity of CVE-2021-25264?
The severity of CVE-2021-25264 is high with a severity value of 6.7.
Which Sophos Endpoint products for MacOS are affected?
Multiple versions of Sophos Home, Sophos Intercept X with OPM, and Sophos Intercept X with Central for MacOS are affected.
What can a local attacker do with CVE-2021-25264?
A local attacker could execute arbitrary code with administrator privileges.
How can I fix CVE-2021-25264?
Upgrade to the latest versions of the affected Sophos Endpoint products for MacOS.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sophos
- canonical/sophos home
- version/sophos home/10.0.3
- canonical/sophos intercept x
- version/sophos intercept x/9.10.1
- version/sophos intercept x/10.0.3