Critical Vulnerabilities in Sophos Firewall (CVE-2024-12727, CVE-2024-12728)

Published: Dec 30, 2024 12:06

Advisory No: TZCERT-SA-24-0050

Source: Sophos

Software Affected: Sophos Firewall v21.0 GA (21.0.0) and older

Overview

Sophos Firewall is affected by critical vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code.

Description

Sophos Firewall is affected by critical vulnerabilities tracked as CVE-2024-12727 and CVE-2024-12728, each with a CVSS base score of 9.8. The vulnerabilities result from a pre-authentication SQL injection in the email protection feature and a failure to deactivate High Availability (HA) cluster initialization after the HA establishment process is completed. An attacker can exploit these vulnerabilities by sending a specially crafted request to execute arbitrary code on the affected system.

Impact

Successful exploitation of these vulnerabilities may allow the attacker to take control of the affected system.

Solution

Sophos has released security patches for these vulnerabilities. Users and administrators are encouraged to apply the necessary updates.
