• Latest
  • Trending
Critical Sophos Firewall vulnerability allows remote code execution

Critical Sophos Firewall vulnerability allows remote code execution

March 28, 2022
Absa and Visa Extend Strategic Partnership to Advance Growth and Innovation Across Africa

Absa and Visa Extend Strategic Partnership to Advance Growth and Innovation Across Africa

July 29, 2025
French Telco Orange Hit by Cyber-Attack

French Telco Orange Hit by Cyber-Attack

July 29, 2025
ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023
Vice President Dr. Bawumia inaugurates  ICT Hub

Vice President Dr. Bawumia inaugurates ICT Hub

April 2, 2023
Co-Creation Hub’s edtech accelerator puts $15M towards African startups

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

February 20, 2023
Data Leak Hits Thousands of NHS Workers

Data Leak Hits Thousands of NHS Workers

February 20, 2023
EU Cybersecurity Agency Warns Against Chinese APTs

EU Cybersecurity Agency Warns Against Chinese APTs

February 20, 2023
How Your Storage System Will Still Be Viable in 5 Years’ Time?

How Your Storage System Will Still Be Viable in 5 Years’ Time?

February 20, 2023
The Broken Promises From Cybersecurity Vendors

Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos

February 20, 2023
Instagram and Facebook to get paid-for verification

Instagram and Facebook to get paid-for verification

February 20, 2023
YouTube CEO Susan Wojcicki steps down after nine years

YouTube CEO Susan Wojcicki steps down after nine years

February 20, 2023
Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Friday, 17 July, 2026
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

Critical Sophos Firewall vulnerability allows remote code execution

by ITECHNEWS
March 28, 2022
in Infosec, Leading Stories
0 0
0
Critical Sophos Firewall vulnerability allows remote code execution

Sophos has fixed a critical vulnerability in its Sophos Firewall product that allows remote code execution (RCE).

Tracked as CVE-2022-1040, the authentication bypass vulnerability exists in the User Portal and Webadmin areas of Sophos Firewall.

YOU MAY ALSO LIKE

French Telco Orange Hit by Cyber-Attack

ATC Ghana supports Girls-In-ICT Program

RCE bug in web administration console

On Friday, Sophos disclosed a critical remote code execution vulnerability impacting Sophos Firewall versions 18.5 MR3 (18.5.3) and earlier that the company released hotfixes for.

Assigned CVE-2022-1040 with a 9.8 CVSS score, the vulnerability allows a remote attacker who can access the Firewall’s User Portal or Webadmin interface to bypass authentication and execute arbitrary code.

Sophos Firewall User Portal
Sophos Firewall User Portal interface (Sophos Community)

The vulnerability was responsibly reported to Sophos by an unnamed external security researcher via the company’s bug bounty program.

To address the flaw, Sophos released hotfixes that should, by default, reach most instances automatically.

“There is no action required for Sophos Firewall customers with the ‘Allow automatic installation of hotfixes’ feature enabled. Enabled is the default setting,” explains Sophos in its security advisory.

The security advisory however implies that some older versions and end-of-life products may need to be actioned manually.

As a general workaround against the vulnerability, the company advises customers to secure their User Portal and Webadmin interfaces:

“Customers can protect themselves from external attackers by ensuring their User Portal and Webadmin are not exposed to WAN,” reads the advisory.

“Disable WAN access to the User Portal and Webadmin by following device access best practices and instead use VPN and/or Sophos Central for remote access and management.”

Earlier this week, Sophos had also resolved two ‘High’ severity vulnerabilities (CVE-2022-0386 and CVE-2022-0652) impacting the Sophos UTM (Unified Threat Management) appliances.

Sophos Firewall bugs previously exploited by attackers

It remains crucial to ensure your Sophos Firewall instances are receiving the latest security patches and hotfixes timely, given that attackers have targeted vulnerable Sophos Firewall instances in the past.

In early 2020, Sophos fixed a zero-day SQL injection vulnerability in its XG Firewall following reports that hackers were actively exploiting it in attacks.

Starting April 2020, threat actors behind the Asnarök trojan malware had exploited the zero-day to try and steal firewall usernames and hashed passwords from vulnerable XG Firewall instances.

The same zero-day had also been exploited by hackers attempting to deliver Ragnarok ransomware payloads onto companies’ Windows systems.

Sophos Firewall users are therefore advised to make sure their products are updated. The Sophos Support website explains how to enable automatic hotfix installation and to verify if the hotfix for CVE-2022-1040 successfully reached your product.

Once automatic hotfix installation is enabled, Sophos Firewall checks for hotfixes every thirty minutes and after any restart.

Source: Ax Sharma
Via: bleepingcomputer
Tags: Critical Sophos Firewall vulnerability
ShareTweet

Get real time update about this post categories directly on your device, subscribe now.

Unsubscribe

Search

No Result
View All Result

Recent News

Absa and Visa Extend Strategic Partnership to Advance Growth and Innovation Across Africa

Absa and Visa Extend Strategic Partnership to Advance Growth and Innovation Across Africa

July 29, 2025
French Telco Orange Hit by Cyber-Attack

French Telco Orange Hit by Cyber-Attack

July 29, 2025
ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

Absa and Visa Extend Strategic Partnership to Advance Growth and Innovation Across Africa

Absa and Visa Extend Strategic Partnership to Advance Growth and Innovation Across Africa

July 29, 2025
French Telco Orange Hit by Cyber-Attack

French Telco Orange Hit by Cyber-Attack

July 29, 2025

Recent News

  • Absa and Visa Extend Strategic Partnership to Advance Growth and Innovation Across Africa July 29, 2025
  • French Telco Orange Hit by Cyber-Attack July 29, 2025
  • ATC Ghana supports Girls-In-ICT Program April 25, 2023
  • Vice President Dr. Bawumia inaugurates ICT Hub April 2, 2023
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© Copyright 2026, All Rights Reserved | iTechNewsOnline.Com - Powered by BackUPDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© Copyright 2026, All Rights Reserved | iTechNewsOnline.Com - Powered by BackUPDataSystems

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
Go to mobile version