.svg?width=185&quality=80&auto=webp&format=auto&cache=true&immutable=true&cache-control=max-age%3D31536000 "Home"){kind=logo}
.svg?width=13&quality=80&auto=webp&format=auto&cache=true&immutable=true&cache-control=max-age%3D31536000 "Top Navigation - Sign in - Icon")
Critical
Resolved Authentication Bypass Vulnerability in Sophos AP6 Series Wireless Access Points Firmware (CVE-2025-10159)
CVE(N)
CVE-2025-10159
产品(N)
Sophos Wireless
更新日
2025 Sep 9
文章版本
1
公開日
2025 Sep 9
公開 ID
sophos-sa-20250909-ap6
回避策
No
Overview
Sophos has fixed an authentication bypass vulnerability in Sophos AP6 Series Wireless Access Points allowing attackers able to reach the access point’s management IP address to gain administrator level privileges. The issue was discovered by Sophos during internal security testing.
There is no action required for customers using the default updating policy, as updates are installed automatically by default.
Customers opting out of automatic updates are required to upgrade to receive this fix. See below for details.
Applies to the following product(s) and version(s)
Sophos AP6 Series Wireless Access Points firmware prior version 1.7.2563 (MR7)
Remediation
- Ensure you are running the latest version of your Sophos AP6 Series Wireless Access Points firmware
- Fix included in AP6 Series Wireless Access Points firmware version 1.7.2563 (MR7) after 11 August 2025
- Users of older versions of Sophos AP6 Series Wireless Access Points firmware are required to upgrade to receive the latest protections, and this fix
Related information
- https://www.cve.org/CVERecord?id=CVE-2025-10159
- https://community.sophos.com/sophoswireless/b/blog/posts/sophos-ap6-series-wireless-update-maintenance-release-mr-7-version-1-7-2563
Sophos Responsible Disclosure Policy
To learn about Sophos security vulnerability disclosure policies and publications, see the Responsible Disclosure Policy.