More than 4,400 Sophos firewall servers remain vulnerable to critical exploits

by
Dan Goodin
from Ars Technica - All content on (#67Y1J)
exploit-800x534.jpg

Enlarge (credit: Getty Images)

More than 4,400 Internet-exposed servers are running versions of the Sophos Firewall that's vulnerable to a critical exploit that allows hackers to execute malicious code, a researcher has warned.

CVE-2022-3236 is a code-injection vulnerability allowing remote code execution in the User Portal and Webadmin of Sophos Firewalls. It carries a severity rating of 9.8 out of 10. When Sophos disclosed the vulnerability last September, the company warned it had been exploited in the wild as a zero-day. The security company urged customers to install a hotfix and, later on, a full-blown patch to prevent infection.

According to recently published research, more than 4,400 servers running the Sophos firewall remain vulnerable. That accounts for about 6 percent of all Sophos firewalls, security firm VulnCheck said, citing figures from a search on Shodan.

Read 5 remaining paragraphs | Comments

External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments