Sophos has released patches for five critical vulnerabilities in its Firewall software that could allow attackers to achieve remote code execution. The fixes address flaws in features including Secure PDF eXchange, the SMTP proxy, and WebAdmin, each affecting specific configurations and versions.
Key points
- Sophos disclosed five vulnerabilities in their firewall that could lead to remote code execution (RCE).
- The CVE-2025-6704 flaw affects the Secure PDF eXchange feature in high availability (HA) modes.
- A SQL injection vulnerability (CVE-2025-7624) impacts the legacy SMTP proxy under specific upgrade conditions.
- A command injection bug (CVE-2025-7382) can be exploited if OTP authentication is enabled on HA devices.
- Patches are included in multiple versions, but users with outdated versions must upgrade to remain protected.
Read More: https://www.securityweek.com/critical-vulnerabilities-patched-in-sophos-firewall/