CVE-2020-25223: Community Security Blog - Sophos Community
A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11
- 26 Feb 2022
Hardening Your Sophos Firewall
Here are some recommendations to harden the overall security of your Sophos Firewall. Table of Contents Keep Your Firmware Updated and Hotfixes Enabled Limit Firewall Device Access Lock Down Remote Access to Other Network Systems Use Multi-Factor …
- 25 Feb 2022
- 15 Sep 2021
- 5 Sep 2021
- 25 Aug 2021
PetitPotam Attack
A new NTLM relay attack called PetitPotam has been discovered that allows threat actors to take over a domain controller, with proof of concept code published. Many organizations utilize Microsoft Active Directory Certificate Services, wh…
- 28 Jul 2021
Kaseya VSA Supply-Chain Ransomware Attack
First updated 2021-07-02, 19:50 UTC Last updated 2021-07-06, 04:10 UTC Sophos is aware of a supply chain attack that uses Kaseya to deploy a variant of the REvil ransomware into a victim’s environment. The attack is geographically dispersed. Org…
- 2 Jul 2021
- 30 Jun 2021
- 12 May 2021
Advisory: Multiple vulnerabilities in Exim (aka 21Nails)
To view the English version of this blog, please click here. Overview On 4 May 2021, Qualys released a security advisory disclosing multiple CVEs in the Exim mail software, a widely used open-source message transfer agent (MTA). These vulnerabilities could be used by local and remote attackers, and Exim versions 4.94…
- 10 May 2021
Advisory: Resolved LPE in Endpoint for MacOS (CVE-2021-25264)
Overview A local privilege escalation vulnerability in Sophos Endpoint products for MacOS was recently discovered and responsibly disclosed to Sophos. It was reported via the Sophos bug bounty program by an external security researcher. The vul…
- 7 May 2021
- 4 May 2021
- 1 Mar 2021
- 19 Jan 2021
- 10 Dec 2020
Advisory: NAT Slipstreaming
Overview A recently identified attack known as NAT Slipstreaming can potentially bypass browser protections to compromise an end-user device and then utilize Network Address Translation (NAT) on a firewall or router to a…
- 7 Dec 2020
- 18 Sep 2020
Advisory: Resolved RCE in SG UTM WebAdmin (CVE-2020-25223)
Overview A remote code execution vulnerability in the WebAdmin of SG UTM was discovered and responsibly disclosed to Sophos in 2020. It was reported via the Sophos bug bounty program by an external security researcher. The vulnerabili…
- 18 Sep 2020
Advisory: Resolved authenticated RCE issues in User Portal (CVE-2020-17352)
Overview
Two vulnerabilities in the User Portal of XG Firewall were recently discovered and responsibly disclosed to Sophos. They were reported via the Sophos bug bounty program by an external security researcher. Both vulnerabilities were post-authentication command injection vulnerabilities and have been fixed.
The remediation prevented authenticated users from remotely executing arbitrary code. There was no evidence that…
- 7 Aug 2020
Advisory: Resolved RCE via SQLi (CVE-2020-15504)
Overview
An SQL injection vulnerability in the email quarantine release feature of XG Firewall was recently discovered and responsibly disclosed to Sophos by external security researchers. The vulnerability has been fixed. The remediation prevented remote execution of arbitrary code. There was no evidence that the vulnerability was exploited and to our knowledge no customers are impacted.
Sophos would like to thank Jakob…
- 10 Jul 2020
Advisory: Buffer overflow in XG Firewall v17.x User Portal
Overview
Sophos discovered an XG Firewall v17.x vulnerability regarding access to physical and virtual units configured with the user portal exposed on the WAN. This was a previously unknown buffer overflow vulnerability in the user portal HTTP/S bookmark feature.
Sophos quickly responded and remediated with a hotfix that removes the HTTP/S bookmark functionality for all XG Firewalls running SFOS v17.x. XG Firewall v18…
- 25 Jun 2020
Advisory: Potential RCE through heap overflow in awarrensmtp (CVE-2020-11503)
Overview
A heap overflow vulnerability in awarrensmtp, a component of XG Firewall firmware, was recently discovered and responsibly disclosed to Sophos by an external security researcher. The vulnerability can potentially allow a remote attacker to execute arbitrary code.
Sophos would like to thank Arseniy Sharoglazov from Positive Technologies for responsibly disclosing this issue to Sophos.
There is no action required…
- 17 Jun 2020
Advisory: CVE-2020-10947 - Sophos Anti-Virus for macOS privilege escalation
Overview
A privilege escalation vulnerability was discovered and responsibly disclosed on 17 August, 2019 by Lasse Trolle Borup of Danish Cyber Defence that impacted specific versions of Sophos Anti-Virus for macOS. All supported versions were fixed by 5 December 2019. The only action required for customers is to verify they are running the fixed version.
Description of Vulnerability
An unprivileged, authenticated attacker…
- 16 Apr 2020
Sophos Comments to CVE-2020-9363
Overview
There are many possible ways to create a corrupted archive file that remains readable to some unpacking tools, while not being readable by other tools, including endpoint protection products in general. These endpoint protection products will only be able to detect malware hidden inside corrupted archives when the contents of the archive are unpacked by the 3rd party tool using on-access scanning technology.
…
- 12 Mar 2020