Sophos, a leading provider of cybersecurity solutions, has announced patch updates for several significant security vulnerabilities affecting its firewall products. The advisory details multiple critical and high-severity flaws identified in various versions of Sophos Firewall and urges users and administrators to apply necessary updates promptly.
Five security issues were found within its firewall software. These could potentially allow malicious actors to execute arbitrary code, compromise system integrity, or take control of affected devices. Notably, the vulnerabilities impact specific configurations and versions, with some affecting only a small percentage of devices.
The issues include remote code execution, SQL injection, command injection, and business logic flaws, which could be exploited under certain conditions such as active quarantine policies, specific configurations, or outdated versions.
The vulnerabilities primarily affect older versions of Sophos Firewall:
- Vulnerabilities tracked as CVE-2024-13974 and CVE-2024-13973 – Impacting version 21.0 GA (21.0.0) and earlier.
- CVE-2025-6704, CVE-2025-7624, CVE-2025-7382 – Impacting version 21.5 GA (21.5.0) and earlier.
Sophos has released hotfixes to address these issues, with updates, and recommends that all users ensure their devices are running supported versions and that hotfixes are applied. Devices configured to automatically install hotfixes will receive these updates without manual intervention. They’ve also confirmed that, to date, there have been no reports of these vulnerabilities being exploited in the wild.
For more detailed information and ongoing security updates, please visit the official advisory here.
Leave a Reply