145 vulnerabilities by Sophos
CVE-2025-10159 (GCVE-0-2025-10159)
Vulnerability from cvelistv5 – Published: 2025-09-09 20:58 – Updated: 2025-09-10 16:10
Summary
An authentication bypass vulnerability allows remote attackers to gain administrative privileges on Sophos AP6 Series Wireless Access Points older than firmware version 1.7.2563 (MR7).
Severity ?
9.8 (Critical)
CWE
- CWE-620 - Unverified Password Change
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | AP6 Series Wireless Access Points | Affected: 0 , < 1.7.2563 (MR7) (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10159",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-10T13:41:20.476524Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T16:10:07.518Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AP6 Series Wireless Access Points",
"vendor": "Sophos",
"versions": [
{
"lessThan": "1.7.2563 (MR7)",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn authentication bypass vulnerability allows remote attackers to gain administrative privileges on Sophos AP6 Series Wireless Access Points older than firmware version 1.7.2563 (MR7).\u003c/p\u003e"
}
],
"value": "An authentication bypass vulnerability allows remote attackers to gain administrative privileges on Sophos AP6 Series Wireless Access Points older than firmware version 1.7.2563 (MR7)."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-620",
"description": "CWE-620 Unverified Password Change",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T21:02:39.875Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20250909-ap6"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2025-10159",
"datePublished": "2025-09-09T20:58:26.650Z",
"dateReserved": "2025-09-09T12:39:01.231Z",
"dateUpdated": "2025-09-10T16:10:07.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7433 (GCVE-0-2025-7433)
Vulnerability from cvelistv5 – Published: 2025-07-17 19:10 – Updated: 2025-07-17 20:35
Summary
A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2025.1 and older allows arbitrary code execution.
Severity ?
8.8 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
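| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Intercept X for Windows | Affected: 0 , < 2025.1 (semver) |

Note: the summary reads "2025.1 and older", whereas this range (< 2025.1) excludes 2025.1 itself; check the vendor advisory for the exact fixed version.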
Credits
Sina Kheirkhah (@SinSinology) of watchTowr (https://watchtowr.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7433",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T20:35:25.374014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T20:35:32.913Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Central Device Encryption"
],
"platforms": [
"Windows"
],
"product": "Sophos Intercept X for Windows",
"vendor": "Sophos",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sina Kheirkhah (@SinSinology) of watchTowr (https://watchtowr.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2025.1 and older allows arbitrary code execution.\u003c/p\u003e"
}
],
"value": "A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2025.1 and older allows arbitrary code execution."
}
],
"impacts": [
{
"capecId": "CAPEC-586",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-586 Object Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T19:13:28.337Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20250717-cix-lpe"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2025-7433",
"datePublished": "2025-07-17T19:10:27.251Z",
"dateReserved": "2025-07-10T14:55:24.847Z",
"dateUpdated": "2025-07-17T20:35:32.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13972 (GCVE-0-2024-13972)
Vulnerability from cvelistv5 – Published: 2025-07-17 19:02 – Updated: 2025-08-03 08:58
Summary
A vulnerability related to registry permissions in the Intercept X for Windows updater prior to Core Agent version 2024.3.2 can lead to a local user gaining SYSTEM level privileges during a product upgrade.
Severity ?
8.8 (High)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Intercept X for Windows Core Agent | Affected: 0 , < 2024.3.2 (semver) |
Credits
Filip Dragovic of MDSec (https://www.mdsec.co.uk/)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13972",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T20:30:27.725130Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T20:30:35.514Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Updater"
],
"platforms": [
"Windows"
],
"product": "Sophos Intercept X for Windows Core Agent",
"vendor": "Sophos",
"versions": [
{
"lessThan": "2024.3.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Filip Dragovic of MDSec (https://www.mdsec.co.uk/)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability related to registry permissions in the Intercept X for Windows updater prior to Core Agent version 2024.3.2 can lead to a local user gaining SYSTEM level privileges during a product upgrade.\u003c/p\u003e"
}
],
"value": "A vulnerability related to registry permissions in the Intercept X for Windows updater prior to Core Agent version 2024.3.2 can lead to a local user gaining SYSTEM level privileges during a product upgrade."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-03T08:58:17.751Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20250717-cix-lpe"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2024-13972",
"datePublished": "2025-07-17T19:02:36.400Z",
"dateReserved": "2025-07-10T14:35:40.677Z",
"dateUpdated": "2025-08-03T08:58:17.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7472 (GCVE-0-2025-7472)
Vulnerability from cvelistv5 – Published: 2025-07-17 18:53 – Updated: 2025-07-17 20:29
Summary
A local privilege escalation vulnerability in the Intercept X for Windows installer prior to version 1.22 can lead to a local user gaining SYSTEM level privileges if the installer is run as SYSTEM.
Severity ?
7.5 (High)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Intercept X for Windows Installer | Affected: 0 , < 1.22 (semver) |
Credits
Sandro Poppi (https://medium.com/@spoppi)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7472",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T20:28:35.974455Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T20:29:02.189Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Sophos Intercept X for Windows Installer",
"vendor": "Sophos",
"versions": [
{
"lessThan": "1.22",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sandro Poppi (https://medium.com/@spoppi)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA local privilege escalation vulnerability in the Intercept X for Windows installer prior version 1.22 can lead to a local user gaining system level privileges, if the installer is run as SYSTEM.\u003c/p\u003e"
}
],
"value": "A local privilege escalation vulnerability in the Intercept X for Windows installer prior version 1.22 can lead to a local user gaining system level privileges, if the installer is run as SYSTEM."
}
],
"impacts": [
{
"capecId": "CAPEC-640",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-640 Inclusion of Code in Existing Process"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T19:00:55.357Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20250717-cix-lpe"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2025-7472",
"datePublished": "2025-07-17T18:53:29.947Z",
"dateReserved": "2025-07-11T12:33:46.311Z",
"dateUpdated": "2025-07-17T20:29:02.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13861 (GCVE-0-2024-13861)
Vulnerability from cvelistv5 – Published: 2025-04-11 12:41 – Updated: 2025-04-17 03:55
Summary
A code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux) versions older than 1.3.10 allows local users arbitrary code execution as root. Red Hat-based systems using RPM packages are not affected.
Severity ?
7.8 (High)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Taegis Endpoint Agent (Linux) | Affected: 0 , < 1.3.10 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13861",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T03:55:29.877Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Taegis Endpoint Agent (Linux)",
"vendor": "Sophos",
"versions": [
{
"lessThan": "1.3.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux) versions older than 1.3.10 allows local users arbitrary code execution as root. Redhat-based systems using RPM packages are not affected.\u003c/p\u003e"
}
],
"value": "A code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux) versions older than 1.3.10 allows local users arbitrary code execution as root. Redhat-based systems using RPM packages are not affected."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-11T12:47:04.018Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20250411-taegis-agent-lpe"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2024-13861",
"datePublished": "2025-04-11T12:41:45.182Z",
"dateReserved": "2025-02-11T17:39:11.642Z",
"dateUpdated": "2025-04-17T03:55:29.877Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8885 (GCVE-0-2024-8885)
Vulnerability from cvelistv5 – Published: 2024-10-02 12:25 – Updated: 2024-10-02 14:24
Summary
A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files.
Severity ?
8.8 (High)
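CWE
- CWE-1104 - Use of Unmaintained Third Party Components
- CWE-502 - Deserialization of Untrusted Data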
Assigner
References
Impacted products
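| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Intercept X | Affected: 0 , < 2024.2.0 (semver) |

Note: the summary reads "2024.2.0 and older", whereas this range (< 2024.2.0) excludes 2024.2.0 itself; check the vendor advisory for the exact fixed version.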
Credits
Sina Kheirkhah (@SinSinology) of watchTowr (https://watchtowr.com)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:sophos:intercept_x:-:*:*:*:central:macos:*:*"
],
"defaultStatus": "unknown",
"product": "intercept_x",
"vendor": "sophos",
"versions": [
{
"lessThan": "2024.2.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8885",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T14:23:00.511905Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T14:24:29.783Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Central Device Encryption"
],
"platforms": [
"Windows"
],
"product": "Sophos Intercept X",
"vendor": "Sophos",
"versions": [
{
"lessThan": "2024.2.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Device Encryption must be licensed and enabled for an endpoint to be affected."
}
],
"value": "Device Encryption must be licensed and enabled for an endpoint to be affected."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sina Kheirkhah (@SinSinology) of watchTowr (https://watchtowr.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files.\u003c/p\u003e"
}
],
"value": "A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files."
}
],
"impacts": [
{
"capecId": "CAPEC-113",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-113 Interface Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1104",
"description": "CWE-1104 Use of Unmaintained Third Party Components",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T13:12:52.938Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20241002-cde-lpe"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2024-8885",
"datePublished": "2024-10-02T12:25:18.831Z",
"dateReserved": "2024-09-16T09:07:04.491Z",
"dateUpdated": "2024-10-02T14:24:29.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36806 (GCVE-0-2021-36806)
Vulnerability from cvelistv5 – Published: 2023-11-30 09:41 – Updated: 2024-12-02 18:09
Summary
A reflected XSS vulnerability allows an open redirect when the victim clicks a malicious link to an error page on Sophos Email Appliance older than version 4.5.3.4.
Severity ?
4.7 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Email Appliance | Affected: 4.5.3.3 |
Credits
Jaaziel Sam Carlos
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:01:59.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://community.sophos.com/email-appliance/b/blog/posts/sophos-email-appliance-version-4-5-3-4-released"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-36806",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T18:09:28.728961Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T18:09:46.060Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sophos Email Appliance",
"vendor": "Sophos",
"versions": [
{
"status": "affected",
"version": "4.5.3.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jaaziel Sam Carlos"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA reflected XSS vulnerability allows an open redirect when the victim clicks a malicious link to an error page on \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSophos Email Appliance \u003c/span\u003e\n\nolder than version 4.5.3.4.\u003c/span\u003e\n\n"
}
],
"value": "\nA reflected XSS vulnerability allows an open redirect when the victim clicks a malicious link to an error page on \n\nSophos Email Appliance \n\nolder than version 4.5.3.4.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T09:41:31.380Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://community.sophos.com/email-appliance/b/blog/posts/sophos-email-appliance-version-4-5-3-4-released"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2021-36806",
"datePublished": "2023-11-30T09:41:31.380Z",
"dateReserved": "2021-07-19T21:01:31.167Z",
"dateUpdated": "2024-12-02T18:09:46.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5552 (GCVE-0-2023-5552)
Vulnerability from cvelistv5 – Published: 2023-10-17 23:29 – Updated: 2024-09-13 16:21
Summary
A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”.
Severity ?
7.1 (High)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags |
|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20231017-spx-password | vendor-advisory |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Firewall | Default status: affected. Unaffected: 19.5.4; Unaffected: 20.0.0 |
Credits
IT für Caritas eG
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20231017-spx-password"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5552",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T16:20:59.543456Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T16:21:10.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Sophos Firewall",
"vendor": "Sophos",
"versions": [
{
"status": "unaffected",
"version": "19.5.4"
},
{
"status": "unaffected",
"version": "20.0.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "IT f\u00fcr Caritas eG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to \u201cSpecified by sender\u201d."
}
],
"value": "A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to \u201cSpecified by sender\u201d."
}
],
"impacts": [
{
"capecId": "CAPEC-117",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-117 Interception"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T23:29:12.601Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20231017-spx-password"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2023-5552",
"datePublished": "2023-10-17T23:29:12.601Z",
"dateReserved": "2023-10-12T05:55:23.384Z",
"dateUpdated": "2024-09-13T16:21:10.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33335 (GCVE-0-2023-33335)
Vulnerability from cvelistv5 – Published: 2023-07-05 00:00 – Updated: 2024-11-26 21:15
Summary
Cross-site scripting (XSS) in the grpname parameter of Sophos iView (EOL was December 31st, 2020) allows arbitrary script to be executed.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:36.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://inf0seq.github.io/cve/2023/05/03/Cross-Site-scripting-%28XSS%29-in-Sophos-iView.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33335",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T21:15:27.640562Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T21:15:35.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) in Sophos Sophos iView (The EOL was December 31st 2020) in grpname parameter that allows arbitrary script to be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-05T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://inf0seq.github.io/cve/2023/05/03/Cross-Site-scripting-%28XSS%29-in-Sophos-iView.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-33335",
"datePublished": "2023-07-05T00:00:00",
"dateReserved": "2023-05-22T00:00:00",
"dateUpdated": "2024-11-26T21:15:35.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33336 (GCVE-0-2023-33336)
Vulnerability from cvelistv5 – Published: 2023-06-30 00:00 – Updated: 2024-11-27 16:11
Summary
A reflected cross-site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows arbitrary code to be input via double-quote characters.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:36.135Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://inf0seq.github.io/cve/2023/04/30/Cross-site-scripting-%28XSS%29-in-Sophos-Web-Appliance-4.1.1-0.9.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33336",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-27T16:11:09.213255Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T16:11:21.888Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://inf0seq.github.io/cve/2023/04/30/Cross-site-scripting-%28XSS%29-in-Sophos-Web-Appliance-4.1.1-0.9.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-33336",
"datePublished": "2023-06-30T00:00:00",
"dateReserved": "2023-05-22T00:00:00",
"dateUpdated": "2024-11-27T16:11:21.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1671 (GCVE-0-2023-1671)
Vulnerability from cvelistv5 – Published: 2023-04-04 00:00 – Updated: 2025-10-21 23:15
Summary
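A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code.
Exploitation status (from the CISA-ADP container of this record): listed in the CISA Known Exploited Vulnerabilities catalog, added 2023-11-16; SSVC marks exploitation as active.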
Severity ?
9.8 (Critical)
CWE
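- n/a (CNA record)
- CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection') (CISA-ADP enrichment)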
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Web Appliance | Affected: unspecified , < 4.3.10.4 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:57:24.840Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/172016/Sophos-Web-Appliance-4.3.10.4-Command-Injection.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1671",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T21:14:11.071255Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-11-16",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-1671"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:15:21.081Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-1671"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-11-16T00:00:00+00:00",
"value": "CVE-2023-1671 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sophos Web Appliance",
"vendor": "Sophos",
"versions": [
{
"lessThan": "4.3.10.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-26T00:00:00.000Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
},
{
"url": "http://packetstormsecurity.com/files/172016/Sophos-Web-Appliance-4.3.10.4-Command-Injection.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2023-1671",
"datePublished": "2023-04-04T00:00:00.000Z",
"dateReserved": "2023-03-28T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:15:21.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36692 (GCVE-0-2020-36692)
Vulnerability from cvelistv5 – Published: 2023-04-04 00:00 – Updated: 2025-02-11 14:27
Summary
A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that must be manually submitted by the victim while logged in to SWA.
Severity ?
6.5 (Medium)
CWE
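- n/a (CNA record)
- CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CISA-ADP enrichment)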
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Web Appliance | Affected: unspecified , < 4.3.10.4 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:37:05.255Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-36692",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-11T14:27:31.252299Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T14:27:36.848Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sophos Web Appliance",
"vendor": "Sophos",
"versions": [
{
"lessThan": "4.3.10.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that must be manually submitted by the victim while logged in to SWA."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-04T00:00:00.000Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2020-36692",
"datePublished": "2023-04-04T00:00:00.000Z",
"dateReserved": "2023-03-28T00:00:00.000Z",
"dateUpdated": "2025-02-11T14:27:36.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4934 (GCVE-0-2022-4934)
Vulnerability from cvelistv5 – Published: 2023-04-04 00:00 – Updated: 2025-02-11 14:27
Summary
A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code.
Severity ?
7.2 (High)
CWE
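- n/a (CNA record)
- CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection') (CISA-ADP enrichment)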
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Web Appliance | Affected: unspecified , < 4.3.10.4 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.065Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4934",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-11T14:27:05.799435Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T14:27:10.555Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sophos Web Appliance",
"vendor": "Sophos",
"versions": [
{
"lessThan": "4.3.10.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-04T00:00:00.000Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2022-4934",
"datePublished": "2023-04-04T00:00:00.000Z",
"dateReserved": "2023-03-28T00:00:00.000Z",
"dateUpdated": "2025-02-11T14:27:10.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48310 (GCVE-0-2022-48310)
Vulnerability from cvelistv5 – Published: 2023-03-01 00:00 – Updated: 2025-03-07 20:41
Summary
An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90.
Severity ?
5.5 (Medium)
CWE
- n/a (CNA record)
- CWE-312 Cleartext Storage of Sensitive Information (CISA-ADP enrichment)
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Connect Client | Affected: unspecified , < 2.2.90 (custom) |
Credits
Mario Melcher - Information Security Professional at SEITENBAU GmbH
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.524Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230301-scc-csrf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48310",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-07T20:41:42.989683Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-07T20:41:57.054Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sophos Connect Client",
"vendor": "Sophos",
"versions": [
{
"lessThan": "2.2.90",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mario Melcher - Information Security Professional at SEITENBAU GmbH"
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-01T00:00:00.000Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230301-scc-csrf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2022-48310",
"datePublished": "2023-03-01T00:00:00.000Z",
"dateReserved": "2023-02-03T00:00:00.000Z",
"dateUpdated": "2025-03-07T20:41:57.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48309 (GCVE-0-2022-48309)
Vulnerability from cvelistv5 – Published: 2023-03-01 00:00 – Updated: 2025-03-07 20:42
Summary
A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90.
Severity ?
4.3 (Medium)
CWE
- n/a (CNA record)
- CWE-352 Cross-Site Request Forgery (CSRF) (CISA-ADP enrichment)
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Connect Client | Affected: unspecified , < 2.2.90 (custom) |
Credits
Mario Melcher - Information Security Professional at SEITENBAU GmbH
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230301-scc-csrf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48309",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-07T20:42:10.622427Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-07T20:42:23.646Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sophos Connect Client",
"vendor": "Sophos",
"versions": [
{
"lessThan": "2.2.90",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mario Melcher - Information Security Professional at SEITENBAU GmbH"
}
],
"descriptions": [
{
"lang": "en",
"value": "A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-01T00:00:00.000Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230301-scc-csrf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2022-48309",
"datePublished": "2023-03-01T00:00:00.000Z",
"dateReserved": "2023-02-03T00:00:00.000Z",
"dateUpdated": "2025-03-07T20:42:23.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4901 (GCVE-0-2022-4901)
Vulnerability from cvelistv5 – Published: 2023-03-01 00:00 – Updated: 2025-03-07 20:41
Summary
Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow Javascript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim.
Severity ?
3.3 (Low)
CWE
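- n/a (CNA record)
- CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CISA-ADP enrichment)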
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Connect Client | Affected: unspecified , < 2.2.90 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:45.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230301-scc-csrf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4901",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-07T20:41:25.143760Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-07T20:41:28.568Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sophos Connect Client",
"vendor": "Sophos",
"versions": [
{
"lessThan": "2.2.90",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow Javascript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-01T00:00:00.000Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230301-scc-csrf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2022-4901",
"datePublished": "2023-03-01T00:00:00.000Z",
"dateReserved": "2023-02-03T00:00:00.000Z",
"dateUpdated": "2025-03-07T20:41:28.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-3980 (GCVE-0-2022-3980)
Vulnerability from cvelistv5 – Published: 2022-11-16 00:00 – Updated: 2025-04-29 14:12
Summary
An XML External Entity (XEE, more commonly abbreviated XXE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4.
Severity ?
9.8 (Critical)
CWE
- n/a (CNA record)
- CWE-611 Improper Restriction of XML External Entity Reference (CISA-ADP enrichment)
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Mobile managed on-premises | Affected: 5.0.0 , < unspecified (custom); Affected: unspecified , ≤ 9.7.4 (custom) |
Credits
Florian Hauser of Code White GmbH
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:27:54.013Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20221116-smc-xee"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3980",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-29T14:10:25.355027Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-29T14:12:08.837Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sophos Mobile managed on-premises",
"vendor": "Sophos",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "5.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.7.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Florian Hauser of Code White GmbH"
}
],
"descriptions": [
{
"lang": "en",
"value": "An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-16T00:00:00.000Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20221116-smc-xee"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2022-3980",
"datePublished": "2022-11-16T00:00:00.000Z",
"dateReserved": "2022-11-14T00:00:00.000Z",
"dateUpdated": "2025-04-29T14:12:08.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-3236 (GCVE-0-2022-3236)
Vulnerability from cvelistv5 – Published: 2022-09-23 12:50 – Updated: 2025-10-21 23:15
Summary
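A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.
Exploitation status (from the CISA-ADP container of this record): listed in the CISA Known Exploited Vulnerabilities catalog, added 2022-09-23; SSVC marks exploitation as active.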
Severity ?
9.8 (Critical)
CWE
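- n/a (CNA record)
- CWE-94 Improper Control of Generation of Code ('Code Injection') (CISA-ADP enrichment)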
Assigner
References
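| URL | Tags |
|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce | x_refsource_CONFIRM |
| https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-3236 | government-resource |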
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Firewall | Affected: unspecified , ≤ 18.5 MR4 (custom); Affected: unspecified , ≤ 19.0 MR1 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:00:10.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3236",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T21:40:50.761466Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-09-23",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-3236"
},
"type": "kev"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:15:34.699Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-3236"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-09-23T00:00:00+00:00",
"value": "CVE-2022-3236 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sophos Firewall",
"vendor": "Sophos",
"versions": [
{
"lessThanOrEqual": "18.5 MR4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "19.0 MR1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T12:50:13.000Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2022-3236",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sophos Firewall",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "18.5 MR4"
},
{
"version_affected": "\u003c=",
"version_value": "19.0 MR1"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2022-3236",
"datePublished": "2022-09-23T12:50:13.000Z",
"dateReserved": "2022-09-17T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:15:34.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1807 (GCVE-0-2022-1807)
Vulnerability from cvelistv5 – Published: 2022-09-07 18:00 – Updated: 2025-06-17 19:36
Summary
Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1.
Severity ?
7.2 (High)
CWE
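- n/a (CNA record)
- CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CISA-ADP enrichment)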
Assigner
References
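| URL | Tags |
|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4 | x_refsource_CONFIRM |
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1 | x_refsource_CONFIRM |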
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Firewall | Affected: unspecified , < 18.5 MR4 (custom); Affected: unspecified , < 19.0 MR1 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:16:59.853Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-1807",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T19:36:23.971495Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T19:36:39.421Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sophos Firewall",
"vendor": "Sophos",
"versions": [
{
"lessThan": "18.5 MR4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "19.0 MR1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-07T18:00:14.000Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2022-1807",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sophos Firewall",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "18.5 MR4"
},
{
"version_affected": "\u003c",
"version_value": "19.0 MR1"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4"
},
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2022-1807",
"datePublished": "2022-09-07T18:00:14.000Z",
"dateReserved": "2022-05-20T00:00:00.000Z",
"dateUpdated": "2025-06-17T19:36:39.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25266 (GCVE-0-2021-25266)
Vulnerability from cvelistv5 – Published: 2022-04-27 16:45 – Updated: 2024-08-03 19:56
Summary
An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495.
Severity ?
3.9 (Low)
CWE
- n/a
Assigner
References
| URL | Tags |
|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20220427-ixm-storage | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Intercept X for Mobile (Android) | Affected: unspecified, < 9.7.3495 (custom) |
| Sophos | Sophos Authenticator (Android) | Affected: unspecified, ≤ 3.4 (custom) |
Credits
Can Özkan
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:11.058Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220427-ixm-storage"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intercept X for Mobile (Android)",
"vendor": "Sophos",
"versions": [
{
"lessThan": "9.7.3495",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Sophos Authenticator (Android)",
"vendor": "Sophos",
"versions": [
{
"lessThanOrEqual": "3.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Can \u00d6zkan"
}
],
"descriptions": [
{
"lang": "en",
"value": "An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-27T16:45:13",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220427-ixm-storage"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2021-25266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intercept X for Mobile (Android)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "9.7.3495"
}
]
}
},
{
"product_name": "Sophos Authenticator (Android)",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "3.4"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Can \u00d6zkan"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220427-ixm-storage",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220427-ixm-storage"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2021-25266",
"datePublished": "2022-04-27T16:45:13",
"dateReserved": "2021-01-15T00:00:00",
"dateUpdated": "2024-08-03T19:56:11.058Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0331 (GCVE-0-2022-0331)
Vulnerability from cvelistv5 – Published: 2022-03-29 00:30 – Updated: 2024-08-02 23:25
Summary
An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older.
Severity ?
5.3 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags |
|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20220328-sfos-18-5-3 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Firewall | Affected: unspecified, ≤ 18.5 MR2 (custom) |
Credits
Mohammed Adel of Safe Decision Cybersecurity Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:25:40.012Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220328-sfos-18-5-3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sophos Firewall",
"vendor": "Sophos",
"versions": [
{
"lessThanOrEqual": "18.5 MR2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mohammed Adel of Safe Decision Cybersecurity Labs"
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-29T00:30:13",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220328-sfos-18-5-3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2022-0331",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sophos Firewall",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "18.5 MR2"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Mohammed Adel of Safe Decision Cybersecurity Labs"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220328-sfos-18-5-3",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220328-sfos-18-5-3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2022-0331",
"datePublished": "2022-03-29T00:30:13",
"dateReserved": "2022-01-21T00:00:00",
"dateUpdated": "2024-08-02T23:25:40.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1040 (GCVE-0-2022-1040)
Vulnerability from cvelistv5 – Published: 2022-03-25 12:10 – Updated: 2025-10-21 23:15
Summary
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
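| URL | Tags |
|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce | x_refsource_CONFIRM |
| http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html | x_refsource_MISC |
| https://www.exploit-db.com/exploits/51006 | x_refsource_MISC |
| https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-1040 | government-resource |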
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Firewall | Affected: unspecified, ≤ 18.5 MR3 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:43.274Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/51006"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-1040",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:24:47.614244Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-31",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-1040"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:15:43.601Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-1040"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-03-31T00:00:00+00:00",
"value": "CVE-2022-1040 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sophos Firewall",
"vendor": "Sophos",
"versions": [
{
"lessThanOrEqual": "18.5 MR3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-13T20:44:02.000Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exploit-db.com/exploits/51006"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2022-1040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sophos Firewall",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "18.5 MR3"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce"
},
{
"name": "http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html"
},
{
"name": "https://www.exploit-db.com/exploits/51006",
"refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/51006"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2022-1040",
"datePublished": "2022-03-25T12:10:10.000Z",
"dateReserved": "2022-03-21T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:15:43.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0652 (GCVE-0-2022-0652)
Vulnerability from cvelistv5 – Published: 2022-03-21 23:45 – Updated: 2024-08-02 23:32
Summary
Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710.
Severity ?
3.3 (Low)
CWE
- n/a
Assigner
References
| URL | Tags |
|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos UTM | Affected: unspecified, < 9.710 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:32:46.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sophos UTM",
"vendor": "Sophos",
"versions": [
{
"lessThan": "9.710",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Confd log files contain local users\u0027, including root\u2019s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-21T23:45:15",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2022-0652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sophos UTM",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "9.710"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Confd log files contain local users\u0027, including root\u2019s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2022-0652",
"datePublished": "2022-03-21T23:45:15",
"dateReserved": "2022-02-16T00:00:00",
"dateUpdated": "2024-08-02T23:32:46.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0386 (GCVE-0-2022-0386)
Vulnerability from cvelistv5 – Published: 2022-03-21 23:45 – Updated: 2024-08-02 23:25
Summary
A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710.
Severity ?
8.8 (High)
CWE
- n/a
Assigner
References
| URL | Tags |
|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos UTM | Affected: unspecified, < 9.710 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:25:40.274Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sophos UTM",
"vendor": "Sophos",
"versions": [
{
"lessThan": "9.710",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-21T23:45:14",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2022-0386",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sophos UTM",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "9.710"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2022-0386",
"datePublished": "2022-03-21T23:45:14",
"dateReserved": "2022-01-26T00:00:00",
"dateUpdated": "2024-08-02T23:25:40.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36809 (GCVE-0-2021-36809)
Vulnerability from cvelistv5 – Published: 2022-03-07 23:45 – Updated: 2024-08-04 01:01
Summary
A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client.
Severity ?
6.1 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags |
|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20220303-sslvpn-local-dos | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | SSL VPN client | Affected: unspecified, ≤ 2.3.8.0 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:01:59.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220303-sslvpn-local-dos"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SSL VPN client",
"vendor": "Sophos",
"versions": [
{
"lessThanOrEqual": "2.3.8.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T23:45:11",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220303-sslvpn-local-dos"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2021-36809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SSL VPN client",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.3.8.0"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220303-sslvpn-local-dos",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220303-sslvpn-local-dos"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2021-36809",
"datePublished": "2022-03-07T23:45:11",
"dateReserved": "2021-07-19T00:00:00",
"dateUpdated": "2024-08-04T01:01:59.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25269 (GCVE-0-2021-25269)
Vulnerability from cvelistv5 – Published: 2021-11-26 14:12 – Updated: 2024-08-03 19:56
Summary
A local administrator could prevent the HMPA service from starting despite tamper protection using an unquoted service path vulnerability in the HMPA component of Sophos Intercept X Advanced and Sophos Intercept X Advanced for Server before version 2.0.23, as well as Sophos Exploit Prevention before version 3.8.3.
Severity ?
4.4 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags |
|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20211126-ixa-hmpa-local-dos | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Intercept X Advanced | Affected: unspecified, < 2.0.23 (custom) |
| Sophos | Intercept X Advanced for Server | Affected: unspecified, < 2.0.23 (custom) |
| Sophos | Sophos Exploit Prevention | Affected: unspecified, < 3.8.3 (custom) |
Credits
Andrea Intilangelo
Florian Hansemann
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:11.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211126-ixa-hmpa-local-dos"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intercept X Advanced",
"vendor": "Sophos",
"versions": [
{
"lessThan": "2.0.23",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Intercept X Advanced for Server",
"vendor": "Sophos",
"versions": [
{
"lessThan": "2.0.23",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Sophos Exploit Prevention",
"vendor": "Sophos",
"versions": [
{
"lessThan": "3.8.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Andrea Intilangelo"
},
{
"lang": "en",
"value": "Florian Hansemann"
}
],
"descriptions": [
{
"lang": "en",
"value": "A local administrator could prevent the HMPA service from starting despite tamper protection using an unquoted service path vulnerability in the HMPA component of Sophos Intercept X Advanced and Sophos Intercept X Advanced for Server before version 2.0.23, as well as Sophos Exploit Prevention before version 3.8.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-26T14:12:47",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211126-ixa-hmpa-local-dos"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2021-25269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intercept X Advanced",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.0.23"
}
]
}
},
{
"product_name": "Intercept X Advanced for Server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.0.23"
}
]
}
},
{
"product_name": "Sophos Exploit Prevention",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.8.3"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Andrea Intilangelo"
},
{
"lang": "eng",
"value": "Florian Hansemann"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local administrator could prevent the HMPA service from starting despite tamper protection using an unquoted service path vulnerability in the HMPA component of Sophos Intercept X Advanced and Sophos Intercept X Advanced for Server before version 2.0.23, as well as Sophos Exploit Prevention before version 3.8.3."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211126-ixa-hmpa-local-dos",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211126-ixa-hmpa-local-dos"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2021-25269",
"datePublished": "2021-11-26T14:12:47",
"dateReserved": "2021-01-15T00:00:00",
"dateUpdated": "2024-08-03T19:56:11.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36807 (GCVE-0-2021-36807)
Vulnerability from cvelistv5 – Published: 2021-11-26 14:12 – Updated: 2024-08-04 01:01
Summary
An authenticated user could potentially execute code via an SQLi vulnerability in the user portal of SG UTM before version 9.708 MR8.
Severity
8.8 (High)
CWE
- n/a
Assigner
Sophos
References
| URL | Tags |
|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20211126-sg-sqli | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:01:59.660Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211126-sg-sqli"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SG UTM",
"vendor": "Sophos",
"versions": [
{
"lessThan": "9.708 MR8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authenticated user could potentially execute code via an SQLi vulnerability in the user portal of SG UTM before version 9.708 MR8."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-26T14:12:47",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211126-sg-sqli"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2021-36807",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SG UTM",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "9.708 MR8"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An authenticated user could potentially execute code via an SQLi vulnerability in the user portal of SG UTM before version 9.708 MR8."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211126-sg-sqli",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211126-sg-sqli"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2021-36807",
"datePublished": "2021-11-26T14:12:47",
"dateReserved": "2021-07-19T00:00:00",
"dateUpdated": "2024-08-04T01:01:59.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36808 (GCVE-0-2021-36808)
Vulnerability from cvelistv5 – Published: 2021-10-30 12:22 – Updated: 2024-08-04 01:01
Summary
A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115.
Severity
5.9 (Medium)
CWE
- n/a
Assigner
Sophos
References
| URL | Tags |
|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20211029-ssw-pw-bypass | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | Sophos Secure Workspace for Android | Affected: unspecified, < 9.7.3115 (custom) |
Credits
Christian Niel Angel
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:01:59.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211029-ssw-pw-bypass"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sophos Secure Workspace for Android",
"vendor": "Sophos",
"versions": [
{
"lessThan": "9.7.3115",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Christian Niel Angel"
}
],
"descriptions": [
{
"lang": "en",
"value": "A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-30T12:22:27",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211029-ssw-pw-bypass"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2021-36808",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sophos Secure Workspace for Android",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "9.7.3115"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Christian Niel Angel"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211029-ssw-pw-bypass",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211029-ssw-pw-bypass"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2021-36808",
"datePublished": "2021-10-30T12:22:27",
"dateReserved": "2021-07-19T00:00:00",
"dateUpdated": "2024-08-04T01:01:59.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25271 (GCVE-0-2021-25271)
Vulnerability from cvelistv5 – Published: 2021-10-07 23:11 – Updated: 2024-08-03 19:56
Summary
A local attacker could read or write arbitrary files with administrator privileges in HitmanPro before version Build 318.
Severity
No CVSS data available.
CWE
- n/a
Assigner
Sophos
References
| URL | Tags |
|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20211007-hmp-lpe | x_refsource_CONFIRM |
Credits
Michael Bourque (@downwithupsec)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:11.132Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211007-hmp-lpe"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HitmanPro",
"vendor": "Sophos",
"versions": [
{
"lessThan": "318",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Michael Bourque (@downwithupsec)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A local attacker could read or write arbitrary files with administrator privileges in HitmanPro before version Build 318."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-07T23:11:54",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211007-hmp-lpe"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2021-25271",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HitmanPro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "318"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Michael Bourque (@downwithupsec)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local attacker could read or write arbitrary files with administrator privileges in HitmanPro before version Build 318."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211007-hmp-lpe",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211007-hmp-lpe"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2021-25271",
"datePublished": "2021-10-07T23:11:54",
"dateReserved": "2021-01-15T00:00:00",
"dateUpdated": "2024-08-03T19:56:11.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25270 (GCVE-0-2021-25270)
Vulnerability from cvelistv5 – Published: 2021-10-07 23:11 – Updated: 2024-08-03 19:56
Summary
A local attacker could execute arbitrary code with administrator privileges in HitmanPro.Alert before version Build 901.
Severity
No CVSS data available.
CWE
- n/a
Assigner
Sophos
References
| URL | Tags |
|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20211007-hmpa-lpe | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Sophos | HitmanPro.Alert | Affected: unspecified, < 901 (custom) |
Credits
Michael Bourque (@downwithupsec)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:11.147Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211007-hmpa-lpe"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HitmanPro.Alert",
"vendor": "Sophos",
"versions": [
{
"lessThan": "901",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Michael Bourque (@downwithupsec)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A local attacker could execute arbitrary code with administrator privileges in HitmanPro.Alert before version Build 901."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-07T23:11:53",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211007-hmpa-lpe"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2021-25270",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HitmanPro.Alert",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "901"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Michael Bourque (@downwithupsec)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local attacker could execute arbitrary code with administrator privileges in HitmanPro.Alert before version Build 901."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211007-hmpa-lpe",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20211007-hmpa-lpe"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2021-25270",
"datePublished": "2021-10-07T23:11:53",
"dateReserved": "2021-01-15T00:00:00",
"dateUpdated": "2024-08-03T19:56:11.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}