Browse all 47 CVE security advisories affecting Sophos. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Sophos operates primarily as a provider of enterprise-grade cybersecurity solutions, focusing on endpoint protection, network security, and cloud infrastructure defense for organizations worldwide. With forty-seven recorded Common Vulnerabilities and Exposures, the company’s historical security landscape reveals a pattern typical of complex software ecosystems, predominantly featuring remote code execution and cross-site scripting flaws. These vulnerabilities often stem from intricate integration points within its management consoles and endpoint agents, occasionally allowing unauthorized access or privilege escalation. While no catastrophic, company-ending breaches have defined its recent history, individual component compromises have necessitated rigorous patch management cycles. The firm maintains a robust security engineering framework, emphasizing rapid response to disclosed issues. This approach underscores the inherent challenges of securing comprehensive security platforms, where the tools themselves must withstand the same rigorous scrutiny they apply to client environments, ensuring continuous trust in their defensive capabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-10159 | Sophos AP6 Series 安全漏洞 — AP6 Series Wireless Access PointsCWE-620 | 9.8 | Critical | 2025-09-09 |
| CVE-2024-13973 | Sophos Firewall 安全漏洞 — Sophos FirewallCWE-89 | 6.8 | Medium | 2025-07-21 |
| CVE-2024-13974 | Sophos Firewall 安全漏洞 — Sophos FirewallCWE-807 | 8.1 | High | 2025-07-21 |
| CVE-2025-7382 | Sophos Firewall 安全漏洞 — Sophos FirewallCWE-78 | 8.8 | High | 2025-07-21 |
| CVE-2025-7624 | Sophos Firewall 安全漏洞 — Sophos FirewallCWE-89 | 9.8 | Critical | 2025-07-21 |
| CVE-2025-6704 | Sophos Firewall 安全漏洞 — Sophos FirewallCWE-78 | 9.8 | Critical | 2025-07-21 |
| CVE-2025-7433 | Sophos Intercept X 安全漏洞 — Sophos Intercept X for WindowsCWE-502 | 8.8 | High | 2025-07-17 |
| CVE-2024-13972 | Sophos Intercept X 安全漏洞 — Sophos Intercept X for Windows Core AgentCWE-276 | 8.8 | High | 2025-07-17 |
| CVE-2025-7472 | Sophos Intercept X 安全漏洞 — Sophos Intercept X for Windows InstallerCWE-427 | 7.5 | High | 2025-07-17 |
| CVE-2024-13861 | Secureworks Taegis Endpoint Agent 安全漏洞 — Taegis Endpoint Agent (Linux)CWE-732 | 7.8 | High | 2025-04-11 |
| CVE-2024-12729 | Sophos Firewall 安全漏洞 — Sophos FirewallCWE-94 | 8.8 | High | 2024-12-19 |
| CVE-2024-12728 | Sophos Firewall 安全漏洞 — Sophos FirewallCWE-1391 | 9.8 | Critical | 2024-12-19 |
| CVE-2024-12727 | Sophos Firewall 安全漏洞 — Sophos FirewallCWE-89 | 9.8 | Critical | 2024-12-19 |
| CVE-2024-8885 | Sophos Intercept X 安全漏洞 — Sophos Intercept XCWE-1104 | 8.8 | High | 2024-10-02 |
| CVE-2021-36806 | Sophos Email Appliance 安全漏洞 — Sophos Email ApplianceCWE-79 | 4.7 | Medium | 2023-11-30 |
| CVE-2023-5552 | Sophos Firewall 信息泄露漏洞 — Sophos FirewallCWE-200 | 7.1 | High | 2023-10-17 |
| CVE-2020-36692 | Sophos Web Appliance 跨站脚本漏洞 — Sophos Web Appliance | 6.5 | Medium | 2023-04-04 |
| CVE-2022-4934 | Sophos Web Appliance 命令注入漏洞 — Sophos Web Appliance | 7.2 | High | 2023-04-04 |
| CVE-2023-1671 | Sophos Web Appliance 命令注入漏洞 — Sophos Web Appliance | 9.8 | Critical | 2023-04-04 |
| CVE-2022-4901 | Sophos Connect 跨站脚本漏洞 — Sophos Connect Client | 3.3 | Low | 2023-03-01 |
| CVE-2022-48310 | Sophos Connect 安全漏洞 — Sophos Connect Client | 5.5 | Medium | 2023-03-01 |
| CVE-2022-48309 | Sophos Connect 跨站请求伪造漏洞 — Sophos Connect Client | 4.3 | Medium | 2023-03-01 |
| CVE-2022-3226 | Sophos Firewall 操作系统命令注入漏洞 — Sophos Firewall | 7.2 | High | 2022-12-01 |
| CVE-2022-3713 | Sophos Firewall 代码注入漏洞 — Sophos Firewall | 8.8 | High | 2022-12-01 |
| CVE-2022-3710 | Sophos Firewall SQL注入漏洞 — Sophos Firewall | 2.7 | Low | 2022-12-01 |
| CVE-2022-3709 | Sophos Firewall 跨站脚本漏洞 — Sophos Firewall | 6.8 | Medium | 2022-12-01 |
| CVE-2022-3696 | Sophos Firewall 代码注入漏洞 — Sophos Firewall | 7.2 | High | 2022-12-01 |
| CVE-2022-3711 | Sophos Firewall SQL注入漏洞 — Sophos Firewall | 4.3 | Medium | 2022-12-01 |
| CVE-2022-3980 | Sophos Mobile 代码问题漏洞 — Sophos Mobile managed on-premises | 9.8 | Critical | 2022-11-16 |
| CVE-2022-3236 | Sophos Firewall 代码注入漏洞 — Sophos Firewall | 9.8 | Critical | 2022-09-23 |
This page lists every published CVE security advisory associated with Sophos. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.