Security Advisories

Advisory

Impact

CVE

Product Family

Sort by

Items per page

Flux RSS

Informational

Advisory: Spring Cloud Function (SPEL) and Spring Framework AKA SpringShell vulnerabilities (CVE-2022-22963, CVE-2022-22965)

CVE(s):

CVE-2022-22963

CVE-2022-22965

Updated: 2022 avr 1

Product(s):

Cloud Optix

Reflexion

Sophos Central

Sophos Email

Sophos Firewall

Sophos Home

Sophos Mobile

Sophos Mobile EAS Proxy

Sophos Switch

Sophos UTM

Sophos UTM Manager

Version de l’article 1

ID de la publication sophos-sa-20220401-spring-rce

Première publication ven 01/04/2022 - 15:48

Solution No
Medium

Sophos Firewall v18.5 MR3 Resolves Security Vulnerabilities (CVE-2022-0331)

CVE(s):

CVE-2022-0331

Updated: 2022 mar 28

Product(s):

Sophos Firewall

Version de l’article 1

ID de la publication sophos-sa-20220328-sfos-18-5-3

Première publication lun 28/03/2022 - 01:08

Solution No
High

Sophos (SG) UTM 9.710 MR10 Resolves Security Vulnerabilities (CVE-2022-0386, CVE-2022-0652)

CVE(s):

CVE-2022-0386

CVE-2022-0652

Updated: 2022 mar 21

Product(s):

Sophos UTM

Version de l’article 1

ID de la publication sophos-sa-20220321-utm-9710

Première publication lun 21/03/2022 - 23:02

Solution No
High

Advisory: OpenSSL DoS vulnerability (CVE-2022-0778)

CVE(s):

CVE-2022-0778

Updated: 2022 mar 18

Product(s):

Sophos Firewall

Sophos UTM

Sophos Web Appliance (SWA)

Version de l’article 1

ID de la publication sophos-sa-20220318-openssl-dos

Première publication ven 18/03/2022 - 22:00

Solution No
Medium

SSL VPN Client Local DoS (CVE-2021-36809)

CVE(s):

CVE-2021-36809

Updated: 2022 mar 3

Product(s):

Sophos SSL VPN client

Version de l’article 1

ID de la publication sophos-sa-20220303-sslvpn-local-dos

Première publication jeu 03/03/2022 - 09:30

Solution No
Informational

Advisory: Central Logging

CVE(s):

Updated: 2022 fév 8

Product(s):

Sophos Central

Version de l’article 2

ID de la publication 2022-02-CentralLogging

Première publication mar 08/02/2022 - 22:17

Solution No
High

Resolved Post-auth SQLi in Capsule8 Console (CVE-2022-0366)

CVE(s):

CVE-2022-0366

Updated: 2022 fév 1

Product(s):

Capsule8 Console

Version de l’article 1

ID de la publication sophos-sa-20220201-cap8-console-sqli

Première publication mar 01/02/2022 - 21:08

Solution No
Critical

Advisory: Log4j zero-day vulnerability AKA Log4Shell (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-44832)

CVE(s):

CVE-2021-44228

CVE-2021-45046

CVE-2021-45105

CVE-2021-44832

Updated: 2022 jan 13

Product(s):

Client Authentication Agent

Cloud Optix

Intercept X Endpoint

Intercept X for Server

Reflexion

SafeGuard Enterprise (SGN)

Sophos Authenticator

Sophos Central

Sophos Connect Client 2.0

Sophos Email

Sophos Email Appliance (SEA)

Sophos Enterprise Console (SEC)

Sophos Firewall

Sophos Home

Sophos Mobile

Sophos Mobile EAS Proxy

Sophos RED

Sophos SSL VPN client

Sophos Transparent Authentication Suite (STAS)

Sophos UTM

Sophos UTM Manager

Sophos Web Appliance (SWA)

Sophos Wireless

Sophos ZTNA

SophosLabs Intelix

Version de l’article 27

ID de la publication sophos-sa-20211210-log4j-rce

Première publication ven 10/12/2021 - 13:45

Solution No
High

Resolved Post-auth SQLi in SG UTM User Portal (CVE-2021-36807)

CVE(s):

CVE-2021-36807

Updated: 2021 nov 26

Product(s):

Sophos UTM

Version de l’article 1

ID de la publication sophos-sa-20211126-sg-sqli

Première publication ven 26/11/2021 - 10:07

Solution No
Medium

Resolved HMPA Service Local DoS (CVE-2021-25269)

CVE(s):

CVE-2021-25269

Updated: 2021 nov 26

Product(s):

Sophos Exploit Prevention

Intercept X for Server

Intercept X Endpoint

Version de l’article 1

ID de la publication sophos-sa-20211126-ixa-hmpa-local-dos

Première publication ven 26/11/2021 - 08:00

Solution No
Medium

Resolved App Password Bypass on Sophos Secure Workspace for Android (CVE-2021-36808)

CVE(s):

CVE-2021-36808

Updated: 2021 oct 29

Product(s):

Sophos Secure Workspace (Android)

Version de l’article 1

ID de la publication sophos-sa-20211029-ssw-pw-bypass

Première publication ven 29/10/2021 - 17:41

Solution No
High

Resolved LPE in HitmanPro.Alert (CVE-2021-25270)

CVE(s):

CVE-2021-25270

Updated: 2021 oct 7

Product(s):

HitmanPro.Alert

Version de l’article 2

ID de la publication sophos-sa-20211007-hmpa-lpe

Première publication jeu 07/10/2021 - 10:23

Solution No
High

Resolved LPE in HitmanPro (CVE-2021-25271)

CVE(s):

CVE-2021-25271

Updated: 2021 oct 7

Product(s):

HitmanPro

Version de l’article 2

ID de la publication sophos-sa-20211007-hmp-lpe

Première publication jeu 07/10/2021 - 09:56

Solution No
Critical

Resolved RCE in SG UTM WebAdmin (CVE-2020-25223)

CVE(s):

CVE-2020-25223

Updated: 2021 sep 23

Product(s):

Sophos UTM

Version de l’article 2

ID de la publication sophos-sa-20200918-sg-webadmin-rce

Première publication ven 18/09/2020 - 21:11

Solution Yes
Medium

Multiple Vulnerabilities (AKA FragAttacks) in WiFi Specification

CVE(s):

CVE-2020-24586

CVE-2020-24587

CVE-2020-24588

Updated: 2021 mai 12

Product(s):

Sophos Firewall

Sophos UTM

Sophos Wireless

Version de l’article 1

ID de la publication sophos-sa-20210512-fragattacks

Première publication mer 12/05/2021 - 18:13

Solution No
High

Resolved LPE in Endpoint for MacOS (CVE-2021-25264)

CVE(s):

CVE-2021-25264

Updated: 2021 mai 7

Product(s):

Intercept X Endpoint

Version de l’article 1

ID de la publication sophos-sa-20210507-ix-macos-lpe

Première publication ven 07/05/2021 - 18:11

Solution No
Critical

Multiple Vulnerabilities (AKA 21Nails) in Exim

CVE(s):

Updated: 2021 mai 4

Product(s):

Sophos Firewall

Sophos UTM

Version de l’article 1

ID de la publication sophos-sa-20210504-exim-21nails

Première publication mar 04/05/2021 - 17:33

Solution Yes
Medium

Resolved RCE in Sophos Connect Client for Windows (CVE-2021-25265)

CVE(s):

CVE-2021-25265

Updated: 2021 mar 1

Product(s):

Sophos Connect Client 2.0

Version de l’article 1

ID de la publication sophos-sa-20210301-connect-client-rce

Première publication lun 01/03/2021 - 19:18

Solution No
Medium

Multiple Dnsmasq Vulnerabilities (AKA DNSpooq) in Sophos RED

CVE(s):

CVE-2020-25684

CVE-2020-25685

CVE-2020-25686

Updated: 2021 jan 19

Product(s):

Sophos RED

Version de l’article 1

ID de la publication sophos-sa-20210119-red-dnspooq

Première publication mar 19/01/2021 - 20:12

Solution No
Critical

Resolved SQLi in Cyberoam OS WebAdmin (CVE-2020-29574)

CVE(s):

CVE-2020-29574

Updated: 2020 déc 10

Product(s):

Cyberoam OS Devices

Version de l’article 1

ID de la publication sophos-sa-20201210-cyberoam-webadmin-sqli

Première publication jeu 10/12/2020 - 20:50

Solution No

Services managés

Services managés

Security Advisories

Services managés

Produits

Security Advisories