Sophos has fixed three separate security vulnerabilities in Sophos Firewall. The vulnerabilities CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729 present major risks, such as remote code execution and privilege escalation.
Applies to the following Sophos product(s) and version(s):
Sophos Firewall v21.0 GA and earlier
Source: Sophos
No action is needed for Sophos Firewall customers who have the “Allow automatic installation of hotfixes” feature enabled in the remediated versions. This setting is enabled by default.
Sophos has not seen these vulnerabilities exploited at this time.