Retour à la liste des avis de sécurité
High
CVE
CVE-2024-8885
Updated:
Produit(s)
Intercept X Endpoint
ID de la publication
sophos-sa-20241002-cde-lpe
Version de l’article
1
Première publication
Solution
No
Overview
Sophos has fixed a local privilege escalation vulnerability, allowing arbitrary file writing, in the Device Encryption component of Sophos Intercept X for Windows.
There is no action required for customers using the default updating policy, as updates for Recommended packages are installed automatically by default.
Customers using Fixed Term Support (FTS) or Long Term Support (LTS) packages are required to upgrade to receive this fix. See below for details.
Sophos would like to thank Sina Kheirkhah (@SinSinology) of watchTowr (https://watchtowr.com) for responsibly disclosing the issue to Sophos.
Applies to the following Sophos product(s) and version(s)
Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older
Remediation
- Ensure you are running a supported version
- Fix included in Device Encryption 2024.2.1.6 on September 19, 2024:
- Sophos Intercept X for Windows FTS 2024.2.3.9.2 and newer
- Sophos Intercept X for Windows LTS 2024.1.0.45 and newer
- Users of older versions of Sophos Intercept X are required to upgrade to receive the latest protections, and this fix
Related information
- https://www.cve.org/CVERecord?id=CVE-2024-8885
- https://support.sophos.com/support/s/article/KBA-000002911?language=en_US