logo
Home/CVEs/CVE-2022-3236/

CVE-2022-3236 - Sophos Firewall Code Injection Vulnerability

Project:Sophos

Product:Firewall

Date Added:2022-09-23Due Date:2022-10-14

Vulnerability Name

Sophos Firewall Code Injection Vulnerability

Description

A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce

https://nvd.nist.gov/vuln/detail/CVE-2022-3236

Related News Articles

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ CountriesNovember 26, 2024

Salt Typhoon hackers backdoor telcos with new GhostSpider malwareNovember 26, 2024

FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber IntrusionsNovember 6, 2024