Sophos has patched an actively exploited remote code execution vulnerability (CVE-2022-3236) in its Firewall solutions, and has pushed the fix to customers who have automatic installation of hotfixes enabled. If this news triggers a feeling of déjà vu, there’s a good reason: earlier this year, another zero-day (CVE-2022-1040) in the same component was leveraged by attackers against “a small set of specific organizations, primarily in the South Asia region” – and this time around is … More
The post RCE in Sophos Firewall is being exploited in the wild (CVE-2022-3236) appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: