RCE in Sophos Firewall is being exploited in the wild (CVE-2022-3236)

Sophos has patched an actively exploited remote code execution vulnerability (CVE-2022-3236) in its Firewall solutions, and has pushed the fix to customers who have automatic installation of hotfixes enabled. If this news triggers a feeling of déjà vu, there’s a good reason: earlier this year, another zero-day (CVE-2022-1040) in the same component was leveraged by attackers against “a small set of specific organizations, primarily in the South Asia region” – and this time around is … More →

The post …

cve don't miss exploit firewall rce sophos sophos firewall volexity vulnerability