Sophos, a British-based security software and firewall company, reports that a critical Remote Code Execution (RCE) vulnerability has been identified and patched. This vulnerability (CVE-2022-1040) has a CVSS base score of 9.8 and impacts all Sophos firewalls v18.5 and later.
This vulnerability allows a threat actor to bypass authentication in login portals and then execute code remotely. Sophos has a Knowledge Base guide to help determine whether the hotfix has been applied in your environment.
Sophos has a history of firewall vulnerabilities being utilized by threat actors to gain access to corporate networks.
No Cloudience customers are affected by or use this service.
The CloudSentinel Threat Reporting system is Cloudience’s own managed security operations center, which alerts our clients and partners to new threats as they surface. Our threat reports are a culmination of the most advanced threat detection systems working in tandem with our top threat reporting partnerships, providing a strategic, unbiased threat intelligence report.