Security Advisories

RSS Feed
Impact
Advisory Name
CVE
Updated
Product Family
Article Version
  • Informational
    Advisory: TunnelCrack Vulnerabilities in VPN Clients
    CVE(s):
    CVE-2023-36672
    CVE-2023-35838
    CVE-2023-36673
    CVE-2023-36671
    Updated:
    Product(s):
    Sophos Connect Client 2.0
    Article Version: 1
    Publication ID: sophos-sa-20231124-tunnelcrack
    First Published:
    Workaround: Yes
  • Critical
    Sophos Web Appliance 4.3.10.4 Resolves Security Vulnerabilities
    CVE(s):
    CVE-2023-1671
    CVE-2022-4934
    CVE-2020-36692
    Updated:
    Product(s):
    Sophos Web Appliance (SWA)
    Article Version: 2
    Publication ID: sophos-sa-20230404-swa-rce
    First Published:
    Workaround: No
  • Informational
    Advisory: curl high severity vulnerability
    CVE(s):
    CVE-2023-38545
    Updated:
    Product(s):
    Cloud Optix
    Intercept X Endpoint
    Intercept X for Server
    SafeGuard Enterprise (SGN)
    Sophos Central
    Sophos Connect Client 2.0
    Sophos Email
    Sophos Firewall
    Sophos Home
    Sophos Mobile
    Sophos Mobile EAS Proxy
    Sophos RED
    Sophos Switch
    Sophos UTM
    Sophos Wireless
    Sophos ZTNA
    SophosLabs Intelix
    Article Version: 1
    Publication ID: sophos-sa-20231023-curl-vuln
    First Published:
    Workaround: No
  • High
    Multiple Vulnerabilities in Exim
    CVE(s):
    CVE-2023-42114
    CVE-2023-42115
    CVE-2023-42116
    CVE-2023-42117
    CVE-2023-42118
    CVE-2023-42119
    Updated:
    Product(s):
    Sophos Firewall
    Sophos UTM
    Article Version: 1
    Publication ID: sophos-sa-20231005-exim-vuln
    First Published:
    Workaround: Yes
  • Informational
    Advisory: libwebp critical vulnerability
    CVE(s):
    CVE-2023-4863
    Updated:
    Product(s):
    Cloud Optix
    Intercept X Endpoint
    Intercept X for Server
    Sophos Central
    Sophos Connect Client 2.0
    Sophos Email
    Sophos Email Appliance (SEA)
    Sophos Firewall
    Sophos Home
    Sophos Mobile
    Sophos RED
    Sophos Switch
    Sophos UTM
    Sophos Wireless
    Sophos ZTNA
    SophosLabs Intelix
    Article Version: 1
    Publication ID: sophos-sa-20231002-libwebp-vuln
    First Published:
    Workaround: No
  • Medium
    Sophos Connect v2.2 MR1 Resolves Security Vulnerabilities
    CVE(s):
    CVE-2022-48309
    CVE-2022-48310
    CVE-2022-4901
    Updated:
    Product(s):
    Sophos Connect Client 2.0
    Article Version: 1
    Publication ID: sophos-sa-20230301-scc-csrf
    First Published:
    Workaround: No
  • Informational
    Advisory: OpenSSL high severity vulnerability
    CVE(s):
    CVE-2023-0286
    Updated:
    Product(s):
    Cloud Optix
    Intercept X Endpoint
    Intercept X for Server
    Sophos Central
    Sophos Connect Client 2.0
    Sophos Email
    Sophos Email Appliance (SEA)
    Sophos Enterprise Console (SEC)
    Sophos Firewall
    Sophos Home
    Sophos Mobile
    Sophos Mobile EAS Proxy
    Sophos RED
    Sophos UTM
    Sophos Web Appliance (SWA)
    Sophos Wireless
    SophosLabs Intelix
    Article Version: 2
    Publication ID: sophos-sa-20230214-openssl-vuln
    First Published:
    Workaround: No
  • Critical
    Sophos Firewall v19.5 GA Resolves Security Vulnerabilities
    CVE(s):
    CVE-2022-3236
    CVE-2022-3226
    CVE-2022-3713
    CVE-2022-3696
    CVE-2022-3709
    CVE-2022-3711
    CVE-2022-3710
    Updated:
    Product(s):
    Sophos Firewall
    Article Version: 3
    Publication ID: sophos-sa-20221201-sfos-19-5-0
    First Published:
    Workaround: No
  • Informational
    Advisory: OpenSSL 3.x critical vulnerability
    CVE(s):
    CVE-2022-3786
    CVE-2022-3602
    Updated:
    Product(s):
    Cloud Optix
    Intercept X Endpoint
    Intercept X for Server
    Reflexion
    SafeGuard Enterprise (SGN)
    Sophos Authenticator
    Sophos Central
    Sophos Connect Client 2.0
    Sophos Email
    Sophos Email Appliance (SEA)
    Sophos Enterprise Console (SEC)
    Sophos Firewall
    Sophos Home
    Sophos Mobile
    Sophos Mobile EAS Proxy
    Sophos RED
    Sophos Transparent Authentication Suite (STAS)
    Sophos UTM
    Sophos UTM Manager
    Sophos Web Appliance (SWA)
    Sophos Wireless
    Sophos ZTNA
    SophosLabs Intelix
    Article Version: 3
    Publication ID: sophos-sa-20221031-openssl-vuln
    First Published:
    Workaround: No
  • Critical
    Resolved RCE in Sophos Firewall (CVE-2022-3236)
    CVE(s):
    CVE-2022-3236
    Updated:
    Product(s):
    Sophos Firewall
    Article Version: 2
    Publication ID: sophos-sa-20220923-sfos-rce
    First Published:
    Workaround: Yes
  • Critical
    Sophos Firewall v18.5 MR4 Resolves Security Vulnerabilities
    CVE(s):
    CVE-2022-1040
    CVE-2021-25268
    CVE-2022-1292
    CVE-2022-1807
    CVE-2021-25267
    Updated:
    Product(s):
    Sophos Firewall
    Article Version: 1
    Publication ID: sophos-sa-20220907-sfos-18-5-4
    First Published:
    Workaround: No
  • Critical
    Resolved RCE in Sophos Firewall (CVE-2022-1040)
    CVE(s):
    CVE-2022-1040
    Updated:
    Product(s):
    Sophos Firewall
    Article Version: 3
    Publication ID: sophos-sa-20220325-sfos-rce
    First Published:
    Workaround: Yes
  • Informational
    Advisory: Spring Cloud Function (SPEL) and Spring Framework AKA SpringShell vulnerabilities (CVE-2022-22963, CVE-2022-22965)
    CVE(s):
    CVE-2022-22963
    CVE-2022-22965
    Updated:
    Product(s):
    Cloud Optix
    Reflexion
    Sophos Central
    Sophos Email
    Sophos Firewall
    Sophos Home
    Sophos Mobile
    Sophos Mobile EAS Proxy
    Sophos Switch
    Sophos UTM
    Sophos UTM Manager
    Article Version: 1
    Publication ID: sophos-sa-20220401-spring-rce
    First Published:
    Workaround: No