Sophos Firewall Remote Code Execution Vulnerability
Release Date: 28 Mar 2022
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
A vulnerability has been identified in Sophos Firewall. A remote user can exploit this vulnerability to trigger remote code execution on the targeted system.
Impact
- Remote Code Execution
System / Technologies affected
- Sophos Firewall version prior to v18.5 MR3 (18.5.3)
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce
Note: There is no action required for Sophos Firewall customers with the "Allow automatic installation of hotfixes" feature enabled. Enabled is the default setting.
Vulnerability Identifier
Source
Related Link
https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce
沒有留言:
發佈留言