Browse all 47 CVE security advisories affecting Sophos. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Sophos operates primarily as a provider of enterprise-grade cybersecurity solutions, focusing on endpoint protection, network security, and cloud infrastructure defense for organizations worldwide. With forty-seven recorded Common Vulnerabilities and Exposures, the company’s historical security landscape reveals a pattern typical of complex software ecosystems, predominantly featuring remote code execution and cross-site scripting flaws. These vulnerabilities often stem from intricate integration points within its management consoles and endpoint agents, occasionally allowing unauthorized access or privilege escalation. While no catastrophic, company-ending breaches have defined its recent history, individual component compromises have necessitated rigorous patch management cycles. The firm maintains a robust security engineering framework, emphasizing rapid response to disclosed issues. This approach underscores the inherent challenges of securing comprehensive security platforms, where the tools themselves must withstand the same rigorous scrutiny they apply to client environments, ensuring continuous trust in their defensive capabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-1807 | Sophos Firewall SQL注入漏洞 — Sophos Firewall | 7.2 | High | 2022-09-07 |
| CVE-2021-25268 | Sophos Firewall 跨站脚本漏洞 — Sophos Firewall | 8.4 | High | 2022-05-05 |
| CVE-2021-25267 | Sophos Firewall 跨站脚本漏洞 — Sophos Firewall | 6.8 | Medium | 2022-05-05 |
| CVE-2021-25266 | Sophos Authenticator 安全漏洞 — Intercept X for Mobile (Android) | 3.9 | Low | 2022-04-27 |
| CVE-2022-0331 | Sophos Firewall 信息泄露漏洞 — Sophos Firewall | 5.3 | Medium | 2022-03-29 |
| CVE-2022-1040 | Sophos Firewall 授权问题漏洞 — Sophos Firewall | 9.8 | Critical | 2022-03-25 |
| CVE-2022-0652 | Sophos UTM 日志信息泄露漏洞 — Sophos UTM | 3.3 | Low | 2022-03-21 |
| CVE-2022-0386 | Sophos UTM SQL注入漏洞 — Sophos UTM | 8.8 | High | 2022-03-21 |
| CVE-2021-36809 | SSL VPN 代码问题漏洞 — SSL VPN client | 6.1 | Medium | 2022-03-07 |
| CVE-2021-36807 | Sophos SG UTM SQL注入漏洞 — SG UTM | 8.8 | High | 2021-11-26 |
| CVE-2021-25269 | Sophos Intercept X Advanced 代码问题漏洞 — Intercept X Advanced | 4.4 | Medium | 2021-11-26 |
| CVE-2021-36808 | Sophos Secure Workspace For Android 竞争条件问题漏洞 — Sophos Secure Workspace for Android | 5.9 | Medium | 2021-10-30 |
| CVE-2021-25271 | Sophos HitmanPro 安全漏洞 — HitmanPro | 6.0 | - | 2021-10-07 |
| CVE-2021-25270 | Sophos HitmanPro 安全漏洞 — HitmanPro.Alert | 6.7 | - | 2021-10-07 |
| CVE-2021-25273 | Sophos UTM 跨站脚本漏洞 — Sophos UTM | 4.8 | - | 2021-07-29 |
| CVE-2021-25264 | Sophos Endpoint Protection 代码注入漏洞 — Intercept X for MacOS | 6.7 | - | 2021-05-17 |
| CVE-2021-25265 | Sophos Sophos Connect clien 安全漏洞 — Sophos Connect Client | 8.8 | - | 2021-03-22 |
This page lists every published CVE security advisory associated with Sophos. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.