A local privilege escalation vulnerability in the end-of-life Sophos SSL VPN client for Windows was discovered and responsibly disclosed to Sophos. It was reported via the Sophos bug bounty program by an external security researcher.
Sophos would like to thank Shachar Korot for responsibly disclosing the issue to Sophos.
The vulnerability allows a local attacker to overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss.
Customers are required to migrate to using Sophos Connect to remediate this issue. Sophos will not fix the vulnerability in the SSL VPN client.
Applies to the following Sophos product(s) and version(s)
Sophos SSL VPN client (all versions)
Users of Sophos SSL VPN client are required to upgrade to the Sophos Connect v2 VPN client to remediate this issue