Critical RCE Alarm in Sophos Firewall Solutions

September 27, 2022
11:00 am

[vc_row pix_particles_check=”” nav_skin=”light” consent_include=”include”][vc_column][vc_column_text]A critical 0-day security vulnerability that affects Sophos Firewall solutions has been identified and is known to be actively exploited by threat actors.

The RCE vulnerability, tracked as CVE-2022-3236, exists due to incorrect login validation in the User Portal and WebAdmin interfaces of Sophos Firewall solutions. As a result, an unauthenticated, remote threat actor can execute arbitrary code on the target system via a specially crafted request.

The vulnerability affects all versions of Sophos Firewall 17.0.0 (inclusive) to 19.0.1. Sophos has released updates that fix the vulnerability. To avoid being affected by attacks that can be carried out using the vulnerability, it is recommended that users minimize the internet exposure of the User Portal and Webadmin interface and apply the published updates immediately.[/vc_column_text][vc_empty_space height=”30px”][/vc_column][/vc_row]

Critical RCE Alarm in Sophos Firewall Solutions

Share This:

Channel Partners

Become A Partner

Partner Portal Login

The Bridge Partner Program

Blog

Customer Stories

Datasheets

e-Books

Events

Glossary

Threat Intelligence Researches

Reports

Security News

Infographics

Whitepapers

Explore Our Ransomware Threats Report

Platform Overview

Brand Protection

Exposure Management

Cyber Threat Intelligence

Supply Chain Security

Technology Integrations

CONTACT US

About Us

Careers

News

Awards

Logos & Press Kit

Threat Intelligence Services

Brand Monitoring

Fraud Protection

VIP Security

Vulnerability Intelligence

Attack Surface Management

Preventing Data Leakage

Phishing Monitoring

Account Takeover Detection

Stolen Credit Cards

Dark Web Monitoring

Remediation and Takedown