Latest Sophos Vulnerabilities

CVE-2023-39336
An unspecified SQL Injection vulnerability in Ivanti Endpoint Manager released prior to 2022 SU 5 allows an attacker with access to the internal network to execute arbitrary SQL queries and retrieve ...
Ivanti Endpoint Management=2022 Service Update 5
Ivanti Endpoint Manager Mobile
Ivanti Sentry
Ivanti Avalanche
Perforce Helix Core Server
Apache Struts
and 8 more
CVE-2023-5552
A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the pass...
Sophos Firewall<=19.5.3
CVE-2023-33335
Sophos iView
CVE-2023-33336
Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes.
Sophos Web Appliance=4.3.9.1
CVE-2023-1671
Sophos Web Appliance Command Injection Vulnerability
Sophos Web Appliance
Sophos Web Appliance<4.3.10.4
CVE-2020-36692
A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that must...
Sophos Web Appliance<4.3.10.4
CVE-2022-4934
A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code.
Sophos Web Appliance<4.3.10.4
CVE-2022-48309
A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90.
Sophos Connect<2.2.90
CVE-2022-48310
An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90.
Sophos Connect<2.2.90
CVE-2022-4901
Sophos Connect<2.2.90
CVE-2022-3696
A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5 GA.
Sophos Xg Firewall Firmware<=19.0
Sophos XG Firewall
CVE-2022-3710
A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in the API controller of Sophos Firewall releases older than version 19.5 GA.
Sophos Xg Firewall Firmware<19.5
Sophos XG Firewall
CVE-2022-3226
An OS command injection vulnerability allows admins to execute code via SSL VPN configuration uploads in Sophos Firewall releases older than version 19.5 GA.
Sophos Xg Firewall Firmware<=19.0
Sophos XG Firewall
CVE-2022-3711
A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall releases older than version 19.5 GA.
Sophos Xg Firewall Firmware<=19.0
Sophos XG Firewall
CVE-2022-3713
A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall releases older than version 19.5 GA.
Sophos Xg Firewall Firmware<=19.0
Sophos XG Firewall
CVE-2022-3709
A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5 GA.
Sophos Xg Firewall Firmware<=19.0
Sophos XG Firewall
CVE-2022-3980
An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4.
Sophos Mobile>=5.0.0<9.7.5
CVE-2022-3236
Sophos Firewall Code Injection Vulnerability
Sophos Firewall=19.0.1
Sophos Firewall
Sophos Firewall<=19.0.1
CVE-2022-1807
Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1.
Sophos Firewall<18.5
Sophos Firewall=18.5
Sophos Firewall=18.5-mr1
Sophos Firewall=18.5-mr1-1
Sophos Firewall=18.5-mr2
Sophos Firewall=18.5-mr3
and 1 more
CVE-2021-25267
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 19.0 GA.
Sophos Firewall Firmware<19.0
Sophos Firewall
CVE-2021-25266
An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and ...
Sophos Authenticator<=3.4
Sophos Intercept X<9.7.3495
CVE-2022-0331
An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older.
Sophos SFOS<=18.5.2
CVE-2022-1040
Sophos Firewall Authentication Bypass Vulnerability
Sophos SFOS<=18.5.3
CVE-2022-0386
A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710.
Sophos Unified Threat Management<9.710
CVE-2022-0652
Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against the...
Sophos Unified Threat Management<9.710
CVE-2021-36809
A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos ...
Sophos Ssl Vpn Client
CVE-2021-36807
An authenticated user could potentially execute code via an SQLi vulnerability in the user portal of SG UTM before version 9.708 MR8.
Sophos Unified Threat Management Up2date<9.708
CVE-2021-36808
A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115.
Sophos Sophos Secure Workspace<9.7.3115
CVE-2021-25270
A local attacker could execute arbitrary code with administrator privileges in HitmanPro.Alert before version Build 901.
Sophos HitmanPro.Alert<901
CVE-2021-25271
A local attacker could read or write arbitrary files with administrator privileges in HitmanPro before version Build 318.
Sophos Hitmanpro<318
CVE-2021-25273
Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706.
Sophos Unified Threat Management<9.706
CVE-2021-25264
In multiple versions of Sophos Endpoint products for MacOS, a local attacker could execute arbitrary code with administrator privileges.
Sophos Home<=10.0.3
Sophos Intercept X<=9.10.1
Sophos Intercept X<=10.0.3
CVE-2021-25265
A malicious website could execute code remotely in Sophos Connect Client before version 2.1.
Sophos Connect<2.1
Microsoft Windows
CVE-2020-29574
An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely.
Sophos Cyberoamos<=2020-12-04
CVE-2020-25223
Sophos SG UTM Remote Code Execution Vulnerability
Sophos Unified Threat Management<9.511
Sophos Unified Threat Management>=9.600<9.607
Sophos Unified Threat Management>=9.700<9.705
Sophos Unified Threat Management=9.511
Sophos Unified Threat Management=9.607
Sophos Unified Threat Management=9.705
and 1 more
CVE-2020-17352
Two OS command injection vulnerabilities in the User Portal of Sophos XG Firewall through 2020-08-05 potentially allow an authenticated attacker to remotely execute arbitrary code.
Sophos Xg Firewall Firmware=17.5
Sophos Xg Firewall Firmware=17.5-maintenance_release1
Sophos Xg Firewall Firmware=17.5-maintenance_release10
Sophos Xg Firewall Firmware=17.5-maintenance_release11
Sophos Xg Firewall Firmware=17.5-maintenance_release12
Sophos Xg Firewall Firmware=17.5-maintenance_release3
and 8 more
CVE-2020-15504
A SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allows an attacker to run arbitrary code remotely. The fix is built into the re...
Sophos Xg Firewall Firmware>=17.0<=17.5
Sophos Xg Firewall Firmware=17.5-maintenance_release1
Sophos Xg Firewall Firmware=17.5-maintenance_release10
Sophos Xg Firewall Firmware=17.5-maintenance_release11
Sophos Xg Firewall Firmware=17.5-maintenance_release12
Sophos Xg Firewall Firmware=17.5-maintenance_release3
and 8 more
CVE-2020-15069
Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientless access. Hotfix HF062020.1 was published for all firewalls ...
Sophos Xg Firewall Firmware>=17.0<17.5
Sophos Xg Firewall Firmware=17.5
Sophos Xg Firewall Firmware=17.5-maintenance_release1
Sophos Xg Firewall Firmware=17.5-maintenance_release10
Sophos Xg Firewall Firmware=17.5-maintenance_release11
Sophos Xg Firewall Firmware=17.5-maintenance_release12
and 8 more
CVE-2020-14980
The Sophos Secure Email application through 3.9.4 for Android has Missing SSL Certificate Validation.
Sophos Sophos Secure Email<=3.9.4
CVE-2020-11503
A heap-based buffer overflow in the awarrensmtp component of Sophos XG Firewall v17.5 MR11 and older potentially allows an attacker to run arbitrary code remotely.
Sophos SFOS<17.5
Sophos SFOS=17.5
Sophos SFOS=17.5-maintenance_release1
Sophos SFOS=17.5-maintenance_release10
Sophos SFOS=17.5-maintenance_release11
Sophos SFOS=17.5-maintenance_release2
and 8 more
CVE-2020-12271
Sophos SFOS SQL Injection Vulnerability
Sophos SFOS=17.0
Sophos SFOS=17.1
Sophos SFOS=17.5
Sophos SFOS=18.0
Sophos XG Firewall
CVE-2020-10947
Mac Endpoint for Sophos Central before 9.9.6 and Mac Endpoint for Sophos Home before 2.2.6 allow Privilege Escalation.
Sophos Anti-virus For Sophos Central<9.9.6
Sophos Anti-virus For Sophos Home<2.2.6
CVE-2020-9540
Sophos HitmanPro.Alert before build 861 allows local elevation of privilege.
Sophos HitmanPro.Alert<861
CVE-2020-9363
The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Ser...
Sophos Cloud Optix<2020-01-14
Sophos Endpoint Protection<2020-01-14
Sophos Intercept X Endpoint<2020-01-14
Sophos Intercept X For Server<2020-01-14
Sophos Mobile<2020-01-14
Sophos Secure Web Gateway<2020-01-14
CVE-2019-17059
A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN console...
Sophos Cyberoamos<10.6.6
Sophos Cyberoamos=10.6.6
Sophos Cyberoamos=10.6.6-maintenance_release1
Sophos Cyberoamos=10.6.6-maintenance_release2
Sophos Cyberoamos=10.6.6-maintenance_release3
Sophos Cyberoamos=10.6.6-maintenance_release4
and 2 more
CVE-2018-16118
A shell escape vulnerability in /webconsole/APIController in the API Configuration component of Sophos XG firewall 17.0.8 MR-8 allows remote attackers to execute arbitrary OS commands via shell metach...
Sophos SFOS<=16.0
Sophos SFOS=16.5
Sophos SFOS=17.0
Sophos SFOS=17.0.8-mr8
Sophos SFOS=17.1
Sophos XG Firewall
CVE-2018-16117
A shell escape vulnerability in /webconsole/Controller in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow remote authenticated attackers to execute arbitrary OS commands via shell metacharacters ...
Sophos SFOS<=17.0
Sophos SFOS=17.1
Sophos SFOS=17.1-maintenance_release1
Sophos XG Firewall
CVE-2018-16116
SQL injection vulnerability in AccountStatus.jsp in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow remote authenticated attackers to execute arbitrary SQL commands via the "username" GET paramet...
Sophos SFOS=17.0.8-mr8
Sophos XG Firewall
CVE-2017-17023
The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering (www.ncp-e.com). The affected client software, "Sophos IPSec Client" 11.04 is a rebranded version of NCP "Secure ...
Ncp-e Ncp Secure Entry Client=10.11-32792
Sophos IPSec Client=11.04
CVE-2018-3971
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data ...
Sophos HitmanPro.Alert=3.7.6.744

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203