.svg?width=185&quality=80&auto=webp&format=auto&cache=true&immutable=true&cache-control=max-age%3D31536000 "Home"){kind=logo}
.svg?width=13&quality=80&auto=webp&format=auto&cache=true&immutable=true&cache-control=max-age%3D31536000 "Top Navigation - Sign in - Icon")
Critical
Cyberoam Firewall Remote Code Execution Vulnerability (CVE-2019-17059)
CVE(N)
CVE-2019-17059
PRODUIT(S)
Cyberoam OS Devices
Mis à jour
2019 Oct 16
Version de l'article
1
Publié
2019 Oct 16
ID de publication
sophos-sa-20191016.1-cyberoam-rce
Solution alternative
No
Overview
A critical shell injection vulnerability in Sophos Cyberoam Firewall appliances running CyberoamOS (CROS) version 10.6.6 MR-5 and earlier was recently discovered and responsibly disclosed to Sophos by an external security researcher.
The vulnerability can be potentially exploited by sending a malicious request to either the Web Admin or SSL VPN consoles, which would enable an unauthenticated remote attacker to execute arbitrary commands.
Applies to the following Sophos products and versions
- Cyberoam Firewalls running CROS 10.6.6 MR-5 and earlier
Remediation
- For customers running CROS version 10.6.4 and later, who use the default automatic updates setting, the security update has been automatically installed since September 30, 2019 and there is no action required.
- For customers who keep automatic updates disabled or otherwise cannot receive them, the patch is available via Sophos Support.
- The hotfix for the vulnerability will also be included in CROS version 10.6.6 MR-6.
Sophos Responsible Disclosure Policy
To learn about Sophos security vulnerability disclosure policies and publications, see the Responsible Disclosure Policy.