๐Ÿ›ก [email protected]/:~# โ€‹Dec 13, 2023

"๐Ÿ”’ Sophos Backports RCE Fix: Proactive Response to Firewall Vulnerabilities ๐Ÿ›ก๏ธ"

Sophos addressed a critical code injection vulnerability (CVE-2022-3236) in their firewall's User Portal and Webadmin, facilitating remote code execution. Originally fixed in Sep 2022, Sophos proactively backported this fix to unsupported EOL firmware after recent exploit attempts. This move underscores the risk EOL devices pose and highlights the importance of timely updates. Sophos' swift response with an auto-applied hotfix for 99% of affected systems showcases a strong commitment to cybersecurity. ๐Ÿšจ๐Ÿ–ฅ๏ธ

For those unable to update, restricting WAN access and using VPN or Sophos Central is advised. Stay vigilant and keep your systems updated!

CVE-2022-3236 Details: A code injection vulnerability allowing remote code execution in Sophos Firewall versions up to v19.0 MR1.

Article by Bill Toulas BleepingComputer๐Ÿ”—

Tags: #Sophos #Cybersecurity #FirewallSecurity #VulnerabilityManagement #RCE #CVE20223236 #InfoSec #EOLRisk #SystemUpdates ๐ŸŒ๐Ÿ”‘๐Ÿ›ก๏ธ

Sophos backports RCE fix after attacks on unsupported firewalls

Sophos opted to backport a security update for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions after discovering hackers actively exploiting the flaw in attacks.

BleepingComputer