I take it Sophos UTMs are exposed to this vulnerability and Sophos is releasing a Patch for all models affected soon?
Hi Simon,
Reading more on that CVE tells me it only applies if someone malicious or otherwise has already gained access to the shell of the UTM via loginuser (if they got to root first, you're stuffed anyway). Considering the SSH will only be exposed through administrative or test interaction and should (in best practice) be severely restricted, this has very limited impact with the UTM, unlike a Linux webserver, virtual host or user device wherein there would be general interaction from multiple third parties.
However, it is a legitimate concern; hopefully there is a patch in the pipeline :)
Emile