Ir para conteúdo

Vulnerability Alert - Sophos Firewall

TYPE
Vulnerabilities
SYSTEMS AFFECTED
Sophos Firewall v19.0 MR1 (19.0.1) and older
ECOSYSTEM
Other
Description

Sophos released a new version of Sophos Firewall to solve a critical RCE vulnerability (CVE-2022-3236). It relates to a code injection vulnerability allowing remote code execution in the User Portal and Webadmin of the product.
This vulnerability is being actively exploited.

 

Impact

It allows an attacker to achieve remote code execution.

 

Resolution

No action is required for Sophos Firewall customers with the "Allow automatic installation of hotfixes" feature enabled. However, the customers without this feature enable, it is recommended to upgrade the version of your product.  To confirm that the hotfix has been applied to your firewall, please refer to [2].

Additionally, it is recommended that customers could protect themselves from external attackers by ensuring their User Portal and Webadmin are not exposed to WAN. [3]

References
Last updated on 07-09-2022