Sophos Firewall v19.0 GA Resolves Security Vulnerabilities (CVE-2022-1040, CVE-2021-25268, CVE-2021-25267, CVE-2022-0331)

CVE-2022-1040

An authentication bypass vulnerability allowing remote code execution was discovered in the User Portal and Webadmin of Sophos Firewall and responsibly disclosed to Sophos by an external security researcher. It was reported via the Sophos bug bounty program.

Hotfixes for this issue have been released. See https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce for details.

CRITICAL

CVE-2021-25268

Multiple XSS vulnerabilities allowing for privilege escalation from MySophos admin to SFOS admin in Webadmin of Sophos Firewall were discovered and responsibly disclosed to Sophos by external security researchers. They were reported via the Sophos bug bounty program.

Sophos would like to thank Gaetano Sapia for responsibly disclosing one of these issues to Sophos.

HIGH

CVE-2021-25267

Multiple XSS vulnerabilities allowing for privilege escalation from admin to super-admin in Webadmin of Sophos Firewall were discovered and responsibly disclosed to Sophos by external security researchers. They were reported via the Sophos bug bounty program.

Sophos would like to thank Gaetano Sapia for responsibly disclosing several of these issues to Sophos.

MEDIUM

CVE-2022-0331

An information disclosure vulnerability allowing the device serial number to be read by an unauthenticated user in Webadmin of Sophos Firewall was discovered and responsibly disclosed to Sophos by an external security researcher. It was reported via the Sophos bug bounty program.

Sophos would like to thank Mohammed Adel of Safe Decision Cybersecurity Labs for responsibly disclosing the issue to Sophos.

MEDIUM