Web security flaw in Sophos Firewall patched


The vendor cautions that attackers have taken advantage of a newly fixed vulnerability in Sophos Firewall to launch focused attacks. A remote code execution risk exists because of the critical vulnerability (CVE-2022-3236).

The security flaw in Sophos Firewall’s User Portal and WebAdmin may be exploitable by versions of the firewall that are older than Sophos Firewall 19.0 MR1. Sophos announced that it has released a fix that will automatically install in default installations of its firewall technology in a security alert that was published on Friday. Read More…