Aggregates CVE and security vulnerability intelligence across all Sophos-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve SQL injection, path handling, input validation, and CSRF and related problems; some flaws may lead to application crashes.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-7624 | An SQL injection vulnerability in the legacy (transparent) SMTP proxy of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to remote code execution, if a quarantining policy is active for Email and SFOS was upgraded from a version older than 21.0 GA. | [email protected] | 9.8 | 1.18% | 2025-07-21 | 2025-11-17 |
| CVE-2025-7382 | A command injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to adjacent attackers achieving pre-auth code execution on High Availability (HA) auxiliary devices, if OTP authentication for the admin user is enabled. | [email protected] | 8.8 | 0.24% | 2025-07-21 | 2025-11-17 |
| CVE-2025-6704 | An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to pre-auth remote code execution, if a specific configuration of SPX is enabled in combination with the firewall running in High Availability (HA) mode. | [email protected] | 9.8 | 1.58% | 2025-07-21 | 2025-08-18 |
| CVE-2024-13974 | A business logic vulnerability in the Up2Date component of Sophos Firewall older than version 21.0 MR1 (20.0.1) can lead to attackers controlling the firewall’s DNS environment to achieve remote code execution. | [email protected] | 8.1 | 1.28% | 2025-07-21 | 2025-11-17 |
| CVE-2024-13973 | A post-auth SQL injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR1 (21.0.1) can potentially lead to administrators achieving arbitrary code execution. | [email protected] | 6.8 | 0.49% | 2025-07-21 | 2025-11-17 |
| CVE-2024-13861 | A code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux) versions older than 1.3.10 allows local users arbitrary code execution as root. Redhat-based systems using RPM packages are not affected. | [email protected] | 7.8 | 0.01% | 2025-04-11 | 2025-05-07 |
| CVE-2024-12729 | A post-auth code injection vulnerability in the User Portal allows authenticated users to execute code remotely in Sophos Firewall older than version 21.0 MR1 (21.0.1). | [email protected] | 8.8 | 0.58% | 2024-12-19 | 2025-11-12 |
| CVE-2024-12728 | A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than version 20.0 MR3 (20.0.3). | [email protected] | 9.8 | 0.39% | 2024-12-19 | 2025-11-12 |
| CVE-2024-12727 | A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall versions older than 21.0 MR1 (21.0.1) allows access to the reporting database and can lead to remote code execution if a specific configuration of Secure PDF eXchange (SPX) is enabled in combination with the firewall running in High Availability (HA) mode. | [email protected] | 9.8 | 3.12% | 2024-12-19 | 2025-11-12 |
| CVE-2021-36806 | A reflected XSS vulnerability allows an open redirect when the victim clicks a malicious link to an error page on Sophos Email Appliance older than version 4.5.3.4. | [email protected] | 4.7 | 0.05% | 2023-11-30 | 2024-11-21 |
| CVE-2023-5552 | A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”. | [email protected] | 7.1 | 0.09% | 2023-10-18 | 2024-11-21 |
| CVE-2023-33335 | Cross Site Scripting (XSS) in Sophos iView (EOL was December 31st 2020) in the grpname parameter that allows arbitrary script to be executed. | [email protected] | 6.1 | 0.05% | 2023-07-05 | 2024-11-21 |
| CVE-2023-33336 | Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes. | [email protected] | 4.8 | 0.03% | 2023-06-30 | 2024-11-21 |
| CVE-2023-1671 (KEV) | A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code. | [email protected] | 9.8 | 94.30% | 2023-04-04 | 2025-10-27 |
| CVE-2022-4934 | A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code. | [email protected] | 7.2 | 0.46% | 2023-04-04 | 2025-02-11 |
| CVE-2020-36692 | A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that must be manually submitted by the victim while logged in to SWA. | [email protected] | 6.5 | 0.34% | 2023-04-04 | 2025-02-11 |
| CVE-2022-4901 | Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow JavaScript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim. | [email protected] | 3.3 | 0.35% | 2023-03-01 | 2025-03-07 |
| CVE-2022-48310 | An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90. | [email protected] | 5.5 | 0.04% | 2023-03-01 | 2025-03-07 |
| CVE-2022-48309 | A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90. | [email protected] | 4.3 | 0.11% | 2023-03-01 | 2025-03-07 |
| CVE-2022-3713 | A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall releases older than version 19.5 GA. | [email protected] | 8.8 | 0.08% | 2022-12-01 | 2025-04-24 |