Sophos Firewall

Discussions CVE-2022-3226

Sophos Firewall requires membership for participation - click to join

Thread Info

State Verified Answer
Locked Locked
Replies 3 replies
Subscribers 29 subscribers
Views 887 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CVE-2022-3226

Andre Soares over 2 years ago

Hello everybody.
What is Sophos' recommendation for mitigating CVE-2022-3226 until the 19.5 update is released to everyone?

nvd.nist.gov/.../CVE-2022-3226

This thread was automatically locked due to age.

Top Replies

Vivek Jagad over 2 years ago +2 verified

Hello Andre Soares , Thank you for reaching out to the community, here is the work around mentioned - https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce

Parents

0 bobbylam over 2 years ago

Hi Andre,

For CVE-2022-3226, this vulnerability is only exploitable when an attacker has administrator privilege and uploads a malicious file onto the Firewall.

If you are concerned about this vulnerability, like Luca said the best course of action is to upgrade to SFOS v19.5.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 bobbylam over 2 years ago

Hi Andre,

For CVE-2022-3226, this vulnerability is only exploitable when an attacker has administrator privilege and uploads a malicious file onto the Firewall.

If you are concerned about this vulnerability, like Luca said the best course of action is to upgrade to SFOS v19.5.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data