Resolved LPE vulnerability in Sophos Intercept X for Windows (CVE-2024-8885)

Torna alla panoramica degli advisory di sicurezza
High
CVE
CVE-2024-8885
Updated:
Prodotto/i
Intercept X Endpoint
ID di pubblicazione sophos-sa-20241002-cde-lpe
Versione dell'articolo 1
Prima pubblicazione
Soluzione alternativa No

Overview

Sophos has fixed a local privilege escalation vulnerability, allowing arbitrary file writing, in the Device Encryption component of Sophos Intercept X for Windows.

There is no action required for customers using the default updating policy, as updates for Recommended packages are installed automatically by default.

Customers using Fixed Term Support (FTS) or Long Term Support (LTS) packages are required to upgrade to receive this fix. See below for details.

Sophos would like to thank Sina Kheirkhah (@SinSinology) of watchTowr (https://watchtowr.com) for responsibly disclosing the issue to Sophos.

Applies to the following Sophos product(s) and version(s)

Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older

Remediation

  • Ensure you are running a supported version
  • Fix included in Device Encryption 2024.2.1.6 on September 19, 2024:
  • Users of older versions of Sophos Intercept X are required to upgrade to receive the latest protections, and this fix

Related information