- Description: A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall versions older than 21.0 MR1 (21.0.1) allows access to the reporting database and can lead to remote code execution if a specific configuration of Secure PDF eXchange (SPX) is enabled in combination with the firewall running in High Availability (HA) mode.
- Source: security-alert@sophos.com
- NVD status: Received
CVSS 3.1
- Type: Secondary
- Base score: 9.8
- Impact score: 5.9
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity: CRITICAL
- security-alert@sophos.com
- CWE-89
- Hype score: Not currently trending
Resolved Multiple Vulnerabilities in Sophos Firewall (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) 2024/12/19 https://t.co/hqwe1s1qux
@tdatwja
26 Dec 2024
227 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Recently, 3 vulnerabilities of the types SQL injection, RCE and privileged SSH access, with the identifiers CVE-2024-12727, CVE-2024-12728 and CVE-2024-12729, have been published for the Sophos firewall. https://t.co/Poz3aKYxT1 https://t.co/RoU9Vf7NlH
@AmirHossein_sec
26 Dec 2024
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
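Multiple serious vulnerabilities in "Sophos Firewall" - fewer than 1% affected (page 1 of 2): Security NEXT https://t.co/cnCALCiEyu > "CVE-2024-12727" is an SQL injection vulnerability found in the email protection feature. The reporting database may be compromised and code may be executed remotely.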
@abdda149
26 Dec 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Sophos releases patches for several critical vulnerabilities (CVE-2024-12727, CVE-2024-12728 and CVE-2024-12729) in its firewalls: risks of remote code execution and unauthorized access. https://t.co/fkXPqfhyvq
@cert_ist
23 Dec 2024
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12728, CVE-2024-12727 alert 🚨 Multiple vulnerabilities in Sophos XG Firewall. The vulnerability is actively exploited in the wild and has been integrated into Patrowl. Our customers' assets are protected. 🦉 #CyberSecurity #InfoSec https://t.co/lBlGIIxam0
@Patrowl_io
23 Dec 2024
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Resolved Multiple Vulnerabilities in Sophos Firewall (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) | Sophos https://t.co/gIvDMHZbNp
@jsisen
23 Dec 2024
32 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2024-54150 2 - CVE-2023-34990 3 - CVE-2024-12356 4 - CVE-2024-56145 5 - CVE-2024-12727 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
22 Dec 2024
161 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Vulnerability #CVE202412727 CVE-2024-12727 and More: Sophos Issues Urgent Firewall Security Update https://t.co/5VTejXkaea
@Komodosec
22 Dec 2024
49 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 New Vulnerabilities 🚨 Sophos Firewall - RCE and Privilege Escalation Vulnerabilities (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) Read More: https://t.co/HjpIvs65J8 https://t.co/LDhXnUt0Ou
@cyberlearnorg
21 Dec 2024
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Resolved Multiple Vulnerabilities in Sophos Firewall (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) URL: https://t.co/fqhIytYCf5 Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
@samilaiho
21 Dec 2024
733 Impressions
2 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
Critical Vulnerability in Sophos Firewall Products. Sophos has released patches to fix critical vulnerabilities. The vulnerabilities are tracked as CVE-2024-12727, CVE-2024-12728 and CVE-2024-12729. https://t.co/WgvmymT0cQ #SophosFirewall #SiberGüvenlik #GüvenlikAçığı
@secloot
20 Dec 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Sophos Critical Firewall Vulnerabilities Patched (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) 🚨 Severity: 9.8/8.8 (Critical) Impact: Risks of remote code execution and unauthorized privileged access. ➡️ Sophos has issued hotfixes. Update immediately to secure your… http
@arunpratap786
20 Dec 2024
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Sophos Critical Firewall Vulnerabilities Patched (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) 🚨 Severity: 9.8/8.8 (Critical) Impact: Risks of remote code execution and unauthorized privileged access. ➡️ Sophos has issued hotfixes. Update immediately to secure your… http
@arunpratap786
20 Dec 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Sophos fixes Triple Critical Vulnerabilities in its Firewall #Sophos #CVE-2024-12727 #CVE-2024-12728 #CVE-2024-12729 https://t.co/HA6vYJSNCK
@pravin_karthik
20 Dec 2024
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
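Sophos Firewall fixes vulnerabilities (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729). These include high-urgency vulnerabilities such as CVE-2024-12727, a pre-auth SQL injection vulnerability in the Email Protection feature, CVSS 9.8 Critical. Note that no action is required if automatic hotfix updates are enabled. https://t.co/vIBRwcnAOD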
@t_nihonmatsu
20 Dec 2024
493 Impressions
2 Retweets
9 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12727, -28, -29: Multiple vulns in Sophos Firewall, 8.8 - 9.8 rating 🔥 Disclosed vulns in Sophos Firewall include two SQLis, and a weak SSH passphrase. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/jsUapol8w8 #cybersecurity #vulnerability_map https://t.co/
@Netlas_io
20 Dec 2024
605 Impressions
4 Retweets
9 Likes
3 Bookmarks
7 Replies
0 Quotes
Security Advisories - Resolved Multiple Vulnerabilities in Sophos Firewall (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) https://t.co/HR9C3ul01T
@abdda149
20 Dec 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12727 and More: Sophos Issues Urgent Firewall Security Update https://t.co/N89Bvjbjkf
@Dinosn
20 Dec 2024
2295 Impressions
4 Retweets
8 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨🚨CVE-2024-12727 and More: Sophos Issues Urgent Firewall Security Update CVE-2024-12727 (CVSS 9.8): Pre-auth SQL Injection CVE-2024-12728 (CVSS 9.8): Insecure SSH Passphrase CVE-2024-12729 (CVSS 8.8): Post-auth Code Injection ZoomEyeGPT Search Query:Search for assets… https://
@zoomeye_team
20 Dec 2024
859 Impressions
4 Retweets
11 Likes
3 Bookmarks
1 Reply
0 Quotes
🚨🚨CVE-2024-12727 and More: Sophos Issues Urgent Firewall Security Update CVE-2024-12727 (CVSS 9.8): Pre-auth SQL Injection CVE-2024-12728 (CVSS 9.8): Insecure SSH Passphrase CVE-2024-12729 (CVSS 8.8): Post-auth Code Injection ZoomEyeGPT Search Query:Search for assets… https://
@zoomeye_team
20 Dec 2024
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
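Multiple critical vulnerabilities in Sophos Firewall. CVE-2024-12727 has a CVSS score of 9.8 and is an unauthenticated SQL injection in the email protection feature. CVE-2024-12728 is a fixed SSH password used when an HA configuration is established. Fixed. No exploitation has been confirmed. https://t.co/DhWgjihOSF // I have confirmed that my home lab configuration is not affected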
@__kokumoto
20 Dec 2024
718 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Sophos Issues Urgent Firewall Security Update Discover the significant risks posed by the Sophos Firewall vulnerabilities CVE-2024-12727 (CVSS 9.8), CVE-2024-12728 (CVSS 9.8), and CVE-2024-12729. Stay updated and secure your network https://t.co/AgMDQltSpt
@the_yellow_fall
20 Dec 2024
382 Impressions
2 Retweets
7 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2024-12727 Pre-Auth SQL Injection in Sophos Firewall Leads to RCE An SQL injection vulnerability exists in Sophos Firewall versions before 21.0 MR1 (21.0.1). This affects the email protection feature. It lets... https://t.co/mmUtmJfSvQ
@VulmonFeeds
20 Dec 2024
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-12727: CRITICAL] SQL injection vulnerability in Sophos Firewall <21.0 MR1 allows database access & remote code execution. Immediate update needed for cyber security protection. #cybersecurity, #vulnerability https://t.co/VHyfOXSoFY https://t.co/mwIB3v97mG
@CveFindCom
19 Dec 2024
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12727 A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall versions older than 21.0 MR1 (21.0.1) allows access to the reporting databas… https://t.co/ID7jJPnR6m
@CVEnew
19 Dec 2024
379 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes