Sophos Firewall Multiple Vulnerabilities
Release Date: 23 Dec 2024
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities were identified in Sophos Firewall. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and security restriction bypass on the targeted system.
Impact
- Remote Code Execution
- Security Restriction Bypass
System / Technologies affected
Sophos Firewall version prior to v21.0 GA (21.0.0)
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
https://www.sophos.com/en-us/security-advisories/sophos-sa-20241219-sfos-rce
Note: There is no action required for Sophos Firewall customers with the "Allow automatic installation of hotfixes" feature enabled. Enabled is the default setting.
沒有留言:
發佈留言