Actively exploited vulnerability

CVE-2022-3236: Sophos Firewall Code Injection Vulnerability

A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution.

CISA KEV source 23 Sep 2022 added 14 Oct 2022 remediation due

Affected product

Sophos ยท Firewall

Known ransomware use: Unknown

Required action

Follow the source advisory and validate exposure in your environment.

Apply updates per vendor instructions.

Related Yasna coverage

Recent reporting that mentions CVE-2022-3236.