UK-based cybersecurity company Sophos has warned customers that a new zero-day vulnerability affecting some of its firewall products has been exploited in attacks.
An advisory released on Friday states that Sophos Firewall versions 19.0 MR1 (19.0.1) and earlier are vulnerable to a serious flaw that could lead to remote code execution. The product’s User Portal and Webadmin components both contain the flaw, designated CVE-2022-3236.
In-the-wild Sophos zero-day exploit Customers whose products are set up to automatically install hotfixes (this is the default setting) do not need to take any action as the security hole has been patched. Additionally, the business has provided guidelines for determining whether the patch has been applied.