Unquoted Service Path Vulnerability in Sophos Intercept X Advanced
CVE-2021-25269

4.4MEDIUM

Key Information:

Vendor: Sophos
Status: Intercept X Advanced; Intercept X Advanced For Server; Sophos Exploit Prevention
Vendor: CVE Published:; 26 November 2021

What is CVE-2021-25269?

A local administrator has the ability to hinder the HMPA service from starting while bypassing tamper protection due to an unquoted service path issue in the HMPA component of Sophos Intercept X Advanced and its server counterpart, along with Sophos Exploit Prevention. This can lead to service disruption, impacting overall system functionality.

Affected Version(s)

Intercept X Advanced < 2.0.23

Intercept X Advanced for Server < 2.0.23

Sophos Exploit Prevention < 3.8.3

References

https://www.sophos.com/en-us/security-advisories/sophos-s...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 26, 2021
Vulnerability Reserved
Jan 15, 2021

Credit

Andrea Intilangelo

Florian Hansemann