Blog
Share This Post
[ad_1]
Hotfixes have been revealed for three vulnerabilities affecting Sophos Firewall versions 21.0 GA and older, two of which were of critical severity, reports The Hacker News.
Potential exploitation of the critical pre-auth SQL injection bug, tracked as CVE-2024-12727, and critical weak credentials flaw, tracked as CVE-2024-12728, could prompt remote code execution and account exposure in nearly 0.05% and almost 0.5% of Sophos firewalls, respectively, according to Sophos. RCE attacks are also likely in intrusions leveraging the high-severity post-auth code injection issue, tracked as CVE-2024-12729. Sophos noted that addressing CVE-2024-12727 requires the execution of the “cat /conf/nest_hotfix_status” command from the firewall console’s Advanced Shell, while both CVE-2024-12728 and CVE-2024-12729 need the execution of the “system diagnostic show version-info” command. Organizations with vulnerable Sophos firewalls have also been urged to limit SSH access and/or conduct High Availability cluster reconfigurations, as well as deactivate WAN access through SSH and isolate User Portal and Webadmin from WAN, while waiting for official patches.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
