Security Advisories

Impact
Advisory Name
CVE
Updated
Product Family
Article Version
  • High
    Resolved LPE in HitmanPro.Alert (CVE-2021-25270)
    CVE(s):
    CVE-2021-25270
    Updated:
    Product(s):
    HitmanPro.Alert
    Article Version: 2
    Publication ID: sophos-sa-20211007-hmpa-lpe
    First Published:
    Workaround: No
  • High
    Resolved LPE in HitmanPro (CVE-2021-25271)
    CVE(s):
    CVE-2021-25271
    Updated:
    Product(s):
    HitmanPro
    Article Version: 2
    Publication ID: sophos-sa-20211007-hmp-lpe
    First Published:
    Workaround: No
  • Critical
    Resolved RCE in SG UTM WebAdmin (CVE-2020-25223)
    CVE(s):
    CVE-2020-25223
    Updated:
    Product(s):
    Sophos UTM
    Article Version: 2
    Publication ID: sophos-sa-20200918-sg-webadmin-rce
    First Published:
    Workaround: Yes
  • Medium
    Multiple Vulnerabilities (AKA FragAttacks) in WiFi Specification
    CVE(s):
    CVE-2020-24586
    CVE-2020-24587
    CVE-2020-24588
    Updated:
    Product(s):
    Sophos Firewall XG
    Sophos UTM
    Sophos Wireless
    Article Version: 1
    Publication ID: sophos-sa-20210512-fragattacks
    First Published:
    Workaround: No
  • High
    Resolved LPE in Endpoint for MacOS (CVE-2021-25264)
    CVE(s):
    CVE-2021-25264
    Updated:
    Product(s):
    Intercept X
    Article Version: 1
    Publication ID: sophos-sa-20210507-ix-macos-lpe
    First Published:
    Workaround: No
  • Critical
    Multiple Vulnerabilities (AKA 21Nails) in Exim
    CVE(s):
    Updated:
    Product(s):
    Sophos Firewall XG
    Sophos UTM
    Article Version: 1
    Publication ID: sophos-sa-20210504-exim-21nails
    First Published:
    Workaround: Yes
  • Medium
    Multiple Dnsmasq Vulnerabilities (AKA DNSpooq) in Sophos RED
    CVE(s):
    CVE-2020-25684
    CVE-2020-25685
    CVE-2020-25686
    Updated:
    Product(s):
    Sophos RED
    Article Version: 1
    Publication ID: sophos-sa-20210119-red-dnspooq
    First Published:
    Workaround: No
  • Critical
    Resolved SQLi in Cyberoam OS WebAdmin (CVE-2020-29574)
    CVE(s):
    CVE-2020-29574
    Updated:
    Product(s):
    Cyberoam OS Devices
    Article Version: 1
    Publication ID: sophos-sa-20201210-cyberoam-webadmin-sqli
    First Published:
    Workaround: No
  • Informational
    NAT Slipstreaming
    CVE(s):
    Updated:
    Product(s):
    Cyberoam OS Devices
    Sophos Firewall XG
    Sophos UTM
    Article Version: 1
    Publication ID: sophos-sa-20201207-nat-slipstreaming
    First Published:
    Workaround: No
  • Critical
    Resolved RCE via SQLi (CVE-2020-15504)
    CVE(s):
    CVE-2020-15504
    Updated:
    Product(s):
    Sophos Firewall XG
    Article Version: 1
    Publication ID: sophos-sa-20200710-xg-sqli-rce
    First Published:
    Workaround: No
  • Informational
    Sophos Comments to CVE-2020-9363
    CVE(s):
    CVE-2020-9363
    Updated:
    Product(s):
    Sophos UTM
    Article Version: 1
    Publication ID: sophos-sa-20200312-cve-2020-9363
    First Published:
    Workaround: No
  • Informational
    Exim CVE-2019-15846 and Sophos Products
    CVE(s):
    CVE-2019-15846
    Updated:
    Product(s):
    Sophos Email
    Sophos Firewall XG
    Sophos UTM
    Article Version: 1
    Publication ID: sophos-sa-20191016-exim-cve
    First Published:
    Workaround: No