CVE-2022-1040 - Sophos Firewall Authentication Bypass Vulnerability
Project:Sophos
Product:Firewall
Date Added:2022-03-31Due Date:2022-04-21
Vulnerability Name
Sophos Firewall Authentication Bypass Vulnerability
Description
An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-1040
Related News Articles
U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos FirewallsDecember 11, 2024
AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud ServicesNovember 8, 2024
FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber IntrusionsNovember 6, 2024
Custom "Pygmy Goat" malware used in Sophos Firewall hack on govt networkNovember 5, 2024