Sophos warns that Firewall Vulnerability targets Specific Organizations in the South Asian Regions  

Sophos is a British based Security software and hardware company. This company develops products for network security, email security, mobile security and threat management and their firewalls to detect suspicious and malicious network activity.

Four days back, An external cybersecurity researcher found RCE and sent the information privately to Sopho through the firm’s bug bounty program. After knowing this, Sophos has patched the vulnerability and on the other hand, users received a hotfix to fix this issue. They also advised the users to use VPN along with Sohos to improve the security. Sophos said that this bug is an authentication bypass that could lead to remote code execution.

This Vulnerability is tracked as CVE-2022-1040(CVSS Score of 9.8) and attacks Sophos Firewall version v18.5 MR3 and older versions.

Today, The company said, ” Sophos has observed this vulnerability being used to target a small set of specific organizations primarily in the South Asian regions. We have informed each of these organizations directly.” They have released patches for Sophos firewalls if this is not possible, Sophos ensured that unless the user portal and Webadmin are not exposed to WAN there is no issue in it as users can Protect themselves.