Hey there, Sophos users! It’s crucial to stay on top of your firewall device updates to ensure your security is up to date. Sophos recently addressed several security vulnerabilities that could potentially lead to malicious attacks, including code execution.
Stay Secure with Sophos Firewall Updates
In a recent advisory, Sophos patched three vulnerabilities in the Sophos Firewall. These vulnerabilities include:
- CVE-2024-12727 (critical severity; CVSS 9.8): an SQL injection vulnerability in the email protection feature that could lead to remote code execution attacks.
- CVE-2024-12728 (critical severity; CVSS 9.8): Weak credentials vulnerability allowing elevated privileges via SSH.
- CVE-2024-12729 (high severity; CVSS 8.8): a code injection vulnerability in the User Portal.
These vulnerabilities have been patched in newer versions of Sophos Firewall, and hotfixes are available for immediate protection. Be sure to update your systems to stay secure.
If immediate updates aren’t possible, Sophos also shared mitigation strategies to protect your devices. It’s essential to secure SSH access and consider disabling WAN access to User Portal and WebAdmin as additional precautions.
Sophos has not detected any active exploitation of these vulnerabilities, but it’s always best to stay proactive. Update your devices with the latest security fixes to safeguard against potential threats.
We’d love to hear your thoughts on this. Feel free to share in the comments below!
