Sophos Firewall Vulnerabilities Could Allow Remote Attacks

Sophos users should ensure that their firewall devices are running the latest updates, which address several security vulnerabilities. These vulnerabilities could be exploited for various malicious actions, including code execution attacks.
Multiple Vulnerabilities Patched In Sophos Firewall
According to a recent advisory, Sophos has patched at least three vulnerabilities in the Sophos Firewall. These vulnerabilities include:
- CVE-2024-12727 (critical severity; CVSS 9.8): An SQL injection vulnerability affecting the email protection feature. It could allow an attacker to gain access to the target Firewall’s reporting database and achieve remote code execution.
- CVE-2024-12728 (critical severity; CVSS 9.8): This vulnerability was due to weak credentials, enabling an attacker to gain elevated privileges via SSH on the target Sophos Firewall.
- CVE-2024-12729 (high severity; CVSS 8.8): A post-auth code injection vulnerability in the User Portal, allowing an authenticated attacker to execute code on the target device.
Two of these vulnerabilities were reported by external security researchers through Sophos’ bug bounty program, while the third was discovered internally by Sophos researchers.
These vulnerabilities affected Sophos Firewall v21.0 GA (21.0.0) and older versions. Sophos has released patches for all vulnerabilities, initially as hotfixes and later integrated into v20 MR3, v21 MR1, and newer versions. Users are advised to check for updates and run a stable release that includes the fixes to ensure the security of their systems.
In addition to patching the vulnerabilities, Sophos has shared mitigation strategies for devices where immediate patching is not possible. These strategies include securing SSH access and disabling WAN access to User Portal and WebAdmin.
Sophos has confirmed that there has been no active exploitation of these vulnerabilities. However, users are urged to update their devices promptly to protect against potential threats.