all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

A Vulnerability in Sophos Firewall Could Allow for Remote Code Execution

Add to bookmarks
Jan. 19, 2023, 5:31 p.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org

A vulnerability has been discovered in Sophos Firewall that could allow for remote code execution. Sophos Firewall is a next generation firewall product which enables users to manage, detect and respond to threats on the network. Successful exploitation of this vulnerability could allow for remote code execution in the context of the affected service account. Depending on the privileges associated with the account, an attacker could then install programs; view, change, or delete data; or create new accounts with full …

account code code execution context detect exploitation firewall install manage network next generation firewall privileges product remote code remote code execution respond service sophos sophos firewall threats vulnerability

Visit resource

More from www.cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 20 hours ago | www.cisecurity.org
arbitrary code arbitrary code execution attacker chrome +9
Oracle Quarterly Critical Patches Issued April 16, 2024 1 week ago | www.cisecurity.org
april code code execution critical +7
Multiple Vulnerabilities in Ivanti Avalanche Could Allow for Remote Code Execution 1 week ago | www.cisecurity.org
authentication avalanche code code execution +23
Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution 1 week, 1 day ago | www.cisecurity.org
attacker chrome code code execution +9
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 1 week, 2 days ago | www.cisecurity.org
access arbitrary code arbitrary code execution browser +17
A Vulnerability in PAN-OS Could Allow for Arbitrary Code Execution 1 week, 5 days ago | www.cisecurity.org
alto arbitrary code arbitrary code execution code +16
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2 weeks ago | www.cisecurity.org
arbitrary code arbitrary code execution attacker chrome +9
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 2 weeks, 1 day ago | www.cisecurity.org
adobe adobe after effects adobe commerce after effects +14
Critical Patches Issued for Microsoft Products, April 09, 2024 2 weeks, 1 day ago | www.cisecurity.org
accounts april attacker change +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cloud Technical Solutions Engineer, Security

@ Google | Mexico City, CDMX, Mexico
View on infosec-jobs.com

Assoc Eng Equipment Engineering

@ GlobalFoundries | SGP - Woodlands
View on infosec-jobs.com

Staff Security Engineer, Cloud Infrastructure

@ Flexport | Bellevue, WA; San Francisco, CA
View on infosec-jobs.com

Software Engineer III, Google Cloud Security and Privacy

@ Google | Sunnyvale, CA, USA
View on infosec-jobs.com

Software Engineering Manager II, Infrastructure, Google Cloud Security and Privacy

@ Google | San Francisco, CA, USA; Sunnyvale, CA, USA
View on infosec-jobs.com
View more jobs