Remote code execution vulnerability present in Sophos Firewall

Australian Cyber Security Centre

Background / What has happened?

A remote code execution (RCE) vulnerability (CVE-2022-1040) has been identified in the User Portal and Webadmin of Sophos Firewall versions 18.5 MR3 (18.5.3) and older. Sophos Firewall software provides network and user endpoint security.

Exploitation of an RCE vulnerability could allow a malicious actor to remotely install malware or otherwise control the affected device.

Exploitation attempts have been observed. The ACSC is not aware of any successful exploitation attempts against Australian organisations.
