430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Sophos fixed a critical flaw in its Sophos Firewall version 19.5

Sophos addressed several vulnerabilities affecting its Sophos Firewall version 19.5, including arbitrary code execution issues. Sophos has released security patches to address seven vulnerabilities in Sophos Firewall version 19.5, including some arbitrary code execution bugs. The most severe issue addressed by the security vendor is a critical code injection vulnerability tracked as CVE-2022-3236. “A code […]

Sophos Firewall

Sophos addressed several vulnerabilities affecting its Sophos Firewall version 19.5, including arbitrary code execution issues.

Sophos has released security patches to address seven vulnerabilities in Sophos Firewall version 19.5, including some arbitrary code execution bugs.

The most severe issue addressed by the security vendor is a critical code injection vulnerability tracked as CVE-2022-3236.

“A code injection vulnerability allowing remote code execution was discovered in the User Portal and Webadmin.” reads the advisory.

In September Sophos warned of this critical code injection security vulnerability (CVE-2022-3236) affecting its Firewall product which is being exploited in the wild. Sophos confirmed that this vulnerability was being used to target a small set of specific organizations, primarily in the South Asia region.

Sophos Firewall User Portal interface

The security vendor also addressed three vulnerabilities rated as ‘high’ severity, below is the list of these issues:

  • CVE-2022-3226 – An OS command injection vulnerability allowing admins to execute code via SSL VPN configuration uploads was discovered by Sophos during internal security testing.
  • CVE-2022-3713 – A code injection vulnerability allowing adjacent attackers to execute code in the Wifi controller was discovered by Sophos during internal security testing. It requires attackers to be connected to an interface with the Wireless Protection service enabled.
  • CVE-2022-3696 – A post-auth code injection vulnerability allowing admins to execute code in Webadmin was discovered and responsibly disclosed to Sophos by an external security researcher. It was reported via the Sophos bug bounty program.

The company also fixed two flaws, rated as medium severity, respectively a stored XSS vulnerability (CVE-2022-3709) and a post-auth read-only SQL injection flaw (CVE-2022-3711).

The seventh issue addressed by the company is a post-auth read-only SQL injection vulnerability, tracked as CVE-2022-3710, rated as low severity.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, code execution flaws)

[adrotate banner=”5″]

[adrotate banner=”13″]