
CVE-2024-13973
https://notcve.org/view.php?id=CVE-2024-13973
21 Jul 2025 — A post-auth SQL injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR1 (21.0.1) can potentially lead to administrators achieving arbitrary code execution. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20250721-sfos-rce • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVE-2024-13974
https://notcve.org/view.php?id=CVE-2024-13974
21 Jul 2025 — A business logic vulnerability in the Up2Date component of Sophos Firewall older than version 21.0 MR1 (20.0.1) can lead to attackers controlling the firewall’s DNS environment to achieve remote code execution. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20250721-sfos-rce • CWE-807: Reliance on Untrusted Inputs in a Security Decision •

CVE-2025-7382
https://notcve.org/view.php?id=CVE-2025-7382
21 Jul 2025 — A command injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to adjacent attackers achieving pre-auth code execution on High Availability (HA) auxiliary devices, if OTP authentication for the admin user is enabled. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20250721-sfos-rce • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVE-2025-7624
https://notcve.org/view.php?id=CVE-2025-7624
21 Jul 2025 — An SQL injection vulnerability in the legacy (transparent) SMTP proxy of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to remote code execution, if a quarantining policy is active for Email and SFOS was upgraded from a version older than 21.0 GA. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20250721-sfos-rce • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVE-2025-6704
https://notcve.org/view.php?id=CVE-2025-6704
21 Jul 2025 — An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to pre-auth remote code execution, if a specific configuration of SPX is enabled in combination with the firewall running in High Availability (HA) mode. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20250721-sfos-rce • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVE-2025-7433
https://notcve.org/view.php?id=CVE-2025-7433
17 Jul 2025 — A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2025.1 and older allows arbitrary code execution. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20250717-cix-lpe • CWE-502: Deserialization of Untrusted Data •

CVE-2024-13972
https://notcve.org/view.php?id=CVE-2024-13972
17 Jul 2025 — A vulnerability related to registry permissions in the Intercept X for Windows updater prior to Core Agent version 2024.3.2 can lead to a local user gaining SYSTEM level privileges during a product upgrade. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20250717-cix-lpe • CWE-276: Incorrect Default Permissions •

CVE-2025-7472
https://notcve.org/view.php?id=CVE-2025-7472
17 Jul 2025 — A local privilege escalation vulnerability in the Intercept X for Windows installer prior to version 1.22 can lead to a local user gaining system level privileges, if the installer is run as SYSTEM. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20250717-cix-lpe • CWE-427: Uncontrolled Search Path Element •

CVE-2024-13861
https://notcve.org/view.php?id=CVE-2024-13861
11 Apr 2025 — A code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux) versions older than 1.3.10 allows local users arbitrary code execution as root. Redhat-based systems using RPM packages are not affected. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20250411-taegis-agent-lpe • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVE-2024-12729
https://notcve.org/view.php?id=CVE-2024-12729
19 Dec 2024 — A post-auth SQLi vulnerability in the User Portal allows authenticated users to execute code remotely in Sophos Firewall older than version 21.0 MR1 (21.0.1). A post-auth code injection vulnerability in the User Portal allows authenticated users to execute code remotely in Sophos Firewall older than version 21.0 MR1 (21.0.1). • https://www.sophos.com/en-us/security-advisories/sophos-sa-20241219-sfos-rce • CWE-94: Improper Control of Generation of Code ('Code Injection') •