High Threat Security Alert (A22-09-16): Vulnerability in Sophos Firewall
26 September 2022
Sophos has published a security advisory to address a code injection vulnerability in the administration interface and user portal of the firewall. The details of the security update can be found at: https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce
Reports indicate that a remote code execution vulnerability (CVE-2022-3236) is being exploited in the wild. You are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.
Sophos Firewall versions prior to v19.0 MR1 (19.0.1)
Successful exploitation could lead to remote code execution on affected system.
Software updates for affected systems are now available. System administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
System administrators are also advised to follow the security best practice to disable the unnecessary Internet access to the administration interface and user portal of the firewall.