CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2022-1040

CVSS 9.8v3.1pub. 2022-03-25upd. 2025-10-27

An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Sophos Sfos

    OS
    Sophos
    ≤ 18.5.3

CISA KEV — detailsi

Vendori
Sophos
Producti
Firewall
Added to KEVi
March 31, 2022
Remediation deadline (US Federal)i
April 21, 2022(overdue)
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 21 kwietnia 2022
Tags
Auth BypassFirewall
CWE
References

Related vulnerabilities

CVE-2020-12271CRITICAL9.8⚠ KEVten sam produkt

A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall dev...

CVE-2020-11503CRITICAL9.8ten sam produkt

A heap-based buffer overflow in the awarrensmtp component of Sophos XG Firewall v17.5 MR11 and older potential...

CVE-2018-16117HIGH8.8ten sam produkt

A shell escape vulnerability in /webconsole/Controller in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow...

CVE-2018-16118HIGH8.1ten sam produkt

A shell escape vulnerability in /webconsole/APIController in the API Configuration component of Sophos XG fire...

CVE-2018-16116HIGH8.8ten sam produkt

SQL injection vulnerability in AccountStatus.jsp in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow remot...