- Description
- The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-436
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:cloud_optix:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96B66395-50D3-4BF3-B22F-72848EC29210",
"versionEndExcluding": "2020-01-14"
},
{
"criteria": "cpe:2.3:a:sophos:endpoint_protection:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D839AB05-A308-48E3-B189-6D5471F12A17",
"versionEndExcluding": "2020-01-14"
},
{
"criteria": "cpe:2.3:a:sophos:intercept_x_endpoint:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8344DA0-3E5B-4EB8-9D82-D388E78F8200",
"versionEndExcluding": "2020-01-14"
},
{
"criteria": "cpe:2.3:a:sophos:intercept_x_for_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD010A1B-5CCB-4862-ADD3-A3B933CBA245",
"versionEndExcluding": "2020-01-14"
},
{
"criteria": "cpe:2.3:a:sophos:mobile:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "646C9C76-75D1-4469-B786-8432DCD78819",
"versionEndExcluding": "2020-01-14"
},
{
"criteria": "cpe:2.3:a:sophos:secure_web_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4855C77A-365D-4EF0-B033-FC694AC96D33",
"versionEndExcluding": "2020-01-14"
}
],
"operator": "OR"
}
]
}
]