logo

CVE-2022-3236 - Sophos Firewall Code Injection Vulnerability

CVE-2022-3236

Sophos | Firewall

  • Date Added:
  • 2022-09-23
  • Due Date:
  • 2022-10-14
Vulnerability Name

Sophos Firewall Code Injection Vulnerability

Description

A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes
https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce; https://nvd.nist.gov/vuln/detail/CVE-2022-3236
Related News Articles

Free security scan for your website