Sophos Patches Critical Firewall Vulnerabilities
Sophos has patched several critical security vulnerabilities in its Firewall, including two that could allow arbitrary code execution. These fixes are part of Sophos' ongoing efforts to protect customers from potential threats.
Among the resolved issues, CVE-2025-7624 is an SQL injection flaw in the legacy SMTP proxy. If email quarantining is active and the system was upgraded from a version older than 21.0 GA, it may allow remote code execution. Another critical flaw, CVE-2025-6704 in the SPX feature, can lead to pre-authentication remote code execution when combined with High Availability (HA) mode.
Additionally, CVE-2025-7382, a command injection in WebAdmin, may allow adjacent attackers to execute code pre-auth on HA auxiliary devices if One-Time Password (OTP) is enabled. Sophos has fixed these vulnerabilities through hotfixes, and customers with the 'Allow automatic installation of hotfixes' feature enabled need not take any action.
Sophos has addressed five vulnerabilities in its Firewall, including those that could allow remote attackers to execute arbitrary code. Customers are advised to ensure their systems have the latest hotfixes installed to maintain optimal security.