Sophos

Sophoshas has recently fixed a critical vulnerability in its Sophos Firewall product that could allow remote code execution.

The vulnerability was impacting Sophos Firewall versions 18.5 MR3 (18.5.3).

It could allow a remote attacker to access the Firewall's User Portal or Webadmin interface to bypass authentication and execute arbitrary code.

Source: https://www.bleepingcomputer.com/news/security/critical-sophos-firewall-vulnerability-allows-remote-code-execution/?traffic_source=Connatix

TPRM report: https://scoringcyber.rankiteo.com/company/sophos

"id": "sop205228322",
"linkid": "sophos",
"type": "Vulnerability",
"date": "03/2022",
"severity": "90",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"

{'affected_entities': [{'industry': 'Cybersecurity',
                        'name': 'Sophos',
                        'type': 'Company'}],
 'attack_vector': 'Remote Code Execution',
 'description': 'Sophos has recently fixed a critical vulnerability in its '
                'Sophos Firewall product that could allow remote code '
                'execution. The vulnerability was impacting Sophos Firewall '
                'versions 18.5 MR3 (18.5.3). It could allow a remote attacker '
                "to access the Firewall's User Portal or Webadmin interface to "
                'bypass authentication and execute arbitrary code.',
 'impact': {'systems_affected': 'Sophos Firewall'},
 'title': 'Sophos Firewall Remote Code Execution Vulnerability',
 'type': 'Vulnerability Exploitation',
 'vulnerability_exploited': 'Sophos Firewall versions 18.5 MR3 (18.5.3)'}

Sophos

Dansons

Bolton Global

LPL Financial