Sophos News Articles

Recent news articles refferecing the vendors vulnerabilities.

favicon imageSystemTek

Sophos issues hotfixes for three critical flaws in XG firewall

Sophos has issued hotfixes to resolve three security vulnerabilities in its Firewall products. These flaws, under certain conditions, could enable remote code execution and grant privileged system...

2 weeks ago

favicon imageCyber Security News

Critical Sophos Firewall Vulnerabilities Let Attackers Execute Remote Code

Sophos, a leading cybersecurity firm, recently announced the resolution of three critical security vulnerabilities in its Sophos Firewall product. These vulnerabilities could potentially allow attackers to execute remote code on affected systems.

2 weeks ago

favicon imageBleepingComputer

Sophos Firewall vulnerable to critical remote code execution flaw

Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH access to devices.

2 weeks ago

favicon imageBleepingComputer

Sophos discloses critical Firewall remote code execution flaw

Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH access to devices.

2 weeks ago

favicon imageThe Hacker News

Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation

Hotfixes address critical CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729 flaws in Sophos Firewalls. Update to v21 MR1+ for security.

2 weeks ago

favicon imageHelp Net Security

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671) - Help Net Security

CISA has added three bugs to its Known Exploited Vulnerabilities catalog, among them a critical one (CVE-2023-1671) in Sophos Web Appliance.

1 year ago

favicon imageThe Hacker News

CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog

U.S. CISA has added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation in the wild.

1 year ago

favicon imageThe Cyber Express

A Pre-Auth Command Injection Sophos Vulnerability Exploited In The Wild - The Cyber Express

The pre-auth command injection Sophos vulnerability was found in the versions prior to 4.3.10.4. CVE-2023-1671 had a severity score of 9.8.

2 years ago