- Description
- A post-auth code injection vulnerability in the User Portal allows authenticated users to execute code remotely in Sophos Firewall older than version 21.0 MR1 (21.0.1).
- Source
- security-alert@sophos.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- security-alert@sophos.com
- CWE-94
- Hype score
- Not currently trending
Resolved Multiple Vulnerabilities in Sophos Firewall (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) 2024/12/19 https://t.co/hqwe1s1qux
@tdatwja
26 Dec 2024
227 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
به تازگی ۳ آسیب پذیری از نوع SQL injection و RCE و privileged SSH access با کدهای شناسایی CVE-2024-12727 و CVE-2024-12728 و CVE-2024-12729 برای فایروال سوفوس منتشر شده است. https://t.co/Poz3aKYxT1 https://t.co/RoU9Vf7NlH
@AmirHossein_sec
26 Dec 2024
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Sophos publie des correctifs pour plusieurs vulnérabilités critiques (CVE-2024-12727, CVE-2024-12728 et CVE-2024-12729) dans ses pare-feu : risques d'exécution de code à distance et d'accès non autorisé. https://t.co/fkXPqfhyvq
@cert_ist
23 Dec 2024
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Resolved Multiple Vulnerabilities in Sophos Firewall (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) | Sophos https://t.co/gIvDMHZbNp
@jsisen
23 Dec 2024
32 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 New Vulnerabilities 🚨 Sophos Firewall - RCE and Privilege Escalation Vulnerabilities (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) Read More: https://t.co/HjpIvs65J8 https://t.co/LDhXnUt0Ou
@cyberlearnorg
21 Dec 2024
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Resolved Multiple Vulnerabilities in Sophos Firewall (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) URL: https://t.co/fqhIytYCf5 Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
@samilaiho
21 Dec 2024
733 Impressions
2 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
Sophos Güvenlik Duvarı Ürünlerinde Kritik Güvenlik Açığı Sophos, kritik güvenlik açıklarını düzeltmek için yamalar yayımladı. CVE-2024-12727, CVE-2024-12728 ve CVE-2024-12729 kodlu açıklar. https://t.co/WgvmymT0cQ #SophosFirewall #SiberGüvenlik #GüvenlikAçığı
@secloot
20 Dec 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Sophos Critical Firewall Vulnerabilities Patched (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) 🚨 Severity: 9.8/8.8 (Critical) Impact: Risks of remote code execution and unauthorized privileged access. ➡️ Sophos has issued hotfixes. Update immediately to secure your… http
@arunpratap786
20 Dec 2024
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Sophos Critical Firewall Vulnerabilities Patched (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) 🚨 Severity: 9.8/8.8 (Critical) Impact: Risks of remote code execution and unauthorized privileged access. ➡️ Sophos has issued hotfixes. Update immediately to secure your… http
@arunpratap786
20 Dec 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Sophos fixes Triple Critical Vulnerabilities in its Firewall #Sophos #CVE-2024-12727 #CVE-2024-12728 #CVE-2024-12729 https://t.co/HA6vYJSNCK
@pravin_karthik
20 Dec 2024
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Sophos Firewall 脆弱性(CVE-2024-12727、CVE-2024-12728、CVE-2024-12729)を修正 Email Protection機能における事前認証型SQLインジェクションの脆弱性 CVE-2024-12727 CVSS9.8 Criticalなど、緊急度の高い脆弱性が含まれています。なお、ホットフィックスの自動更新が有効の場合は対応不要です。 https://t.co/vIBRwcnAOD
@t_nihonmatsu
20 Dec 2024
493 Impressions
2 Retweets
9 Likes
0 Bookmarks
0 Replies
0 Quotes
Security Advisories - Resolved Multiple Vulnerabilities in Sophos Firewall (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729) https://t.co/HR9C3ul01T
@abdda149
20 Dec 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨🚨CVE-2024-12727 and More: Sophos Issues Urgent Firewall Security Update CVE-2024-12727 (CVSS 9.8): Pre-auth SQL Injection CVE-2024-12728 (CVSS 9.8): Insecure SSH Passphrase CVE-2024-12729 (CVSS 8.8): Post-auth Code Injection ZoomEyeGPT Search Query:Search for assets… https://
@zoomeye_team
20 Dec 2024
859 Impressions
4 Retweets
11 Likes
3 Bookmarks
1 Reply
0 Quotes
🚨🚨CVE-2024-12727 and More: Sophos Issues Urgent Firewall Security Update CVE-2024-12727 (CVSS 9.8): Pre-auth SQL Injection CVE-2024-12728 (CVSS 9.8): Insecure SSH Passphrase CVE-2024-12729 (CVSS 8.8): Post-auth Code Injection ZoomEyeGPT Search Query:Search for assets… https://
@zoomeye_team
20 Dec 2024
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Sophos Issues Urgent Firewall Security Update Discover the significant risks posed by the Sophos Firewall vulnerabilities CVE-2024-12727 (CVSS 9.8), CVE-2024-12728 (CVSS 9.8), and CVE-2024-12729. Stay updated and secure your network https://t.co/AgMDQltSpt
@the_yellow_fall
20 Dec 2024
382 Impressions
2 Retweets
7 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2024-12729 Authenticated Remote Code Execution in Sophos Firewall User Portal In Sophos Firewall versions older than 21.0 MR1 (21.0.1), there is a code injection vulnerability in the User Portal. Authenticate... https://t.co/gmIwNeHzED
@VulmonFeeds
20 Dec 2024
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-12729: HIGH] A post-auth code injection vulnerability in the User Portal allows authenticated users to execute code remotely in Sophos Firewall older than version 21.0 MR1 (21.0.1).#cybersecurity,#vulnerability https://t.co/LgA3tohbaM https://t.co/6p5flvSIog
@CveFindCom
19 Dec 2024
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12729 A post-auth SQLi vulnerability in the User Portal allows authenticated users to execute code remotely in Sophos Firewall older than version 21.0 MR1 (21.0.1). https://t.co/OsTuEmicTP
@CVEnew
19 Dec 2024
445 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes