Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Sophos Firewall

Discussions CVE-2022-3226

Sophos Firewall requires membership for participation - click to join

Thread Info

State Verified Answer
Locked Locked
Replies 3 replies
Subscribers 42 subscribers
Views 1359 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CVE-2022-3226

Andre Soares over 1 year ago

Hello everybody.
What is Sophos' recommendation for mitigating CVE-2022-3226 until the 19.5 update is released to everyone?

nvd.nist.gov/.../CVE-2022-3226

This thread was automatically locked due to age.

Top Replies

Vivek Jagad over 1 year ago +2 verified

Hello Andre Soares , Thank you for reaching out to the community, here is the work around mentioned - https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce

+1 Vivek Jagad over 1 year ago

Hello Andre Soares ,

Thank you for reaching out to the community, here is the work around mentioned - https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce

Thanks & Regards,
_______________________________________________________________

Vivek Jagad | Team Lead, Global Support & Services

Log a Support Case | Sophos Service Guide
Best Practices – Support Case

Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up +2 Vote Down

Cancel
0 LuCar Toni over 1 year ago

The best mitigation is V19.5.

The CVE clearly explains, in which scenario the firewall is affected. It is about the customer to decide, if they want to wait or install the update.

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Cancel
0 bobbylam over 1 year ago

Hi Andre,

For CVE-2022-3226, this vulnerability is only exploitable when an attacker has administrator privilege and uploads a malicious file onto the Firewall.

If you are concerned about this vulnerability, like Luca said the best course of action is to upgrade to SFOS v19.5.
Cancel
Vote Up 0 Vote Down

Cancel