Sophos has patched three separate high-severity local privilege escalation (LPE) vulnerabilities in its widely used Intercept X for Windows product and its installer. These flaws, identified as CVE-2024-13972, CVE-2025-7433, and CVE-2025-7472, could allow local users to gain SYSTEM-level access, posing serious risks in enterprise environments.