Sophos Firewall: Hotfixes eliminate remote attack threat
Important hotfixes patch firewall gaps that could be abused for remote code execution.
Fresh hotfixes for Sophos Firewall close a total of five vulnerabilities, two of which have been rated as "critical", two with a high severity rating and one with a medium severity rating. Under certain conditions, they could be exploited for remote code execution – in two cases without prior authentication.
Vulnerable versions are v21.0 GA (21.0.0) and older (CVE-2024-13974, CVE-2024-13973) and v21.5 GA (21.5.0) and older(CVE-2025-6704, CVE-2025-7624, CVE-2025-7382).
Videos by heise
Check for updates
The fact that the critical vulnerabilities CVE-2025-6704 and CVE-2025-7624 only affect 0.05 and 0.73 percent of all devices respectively, according to Sophos, should not prevent anyone from quickly applying the updates provided. In the default setting of the firewall ("Allow automatic installation of hotfixes"), the update happens automatically for supported versions, according to Sophos. Nevertheless, it is strongly advisable to follow the instructions provided for checking the firewall for the latest hotfixes.
The Sophos advisory provides additional details on the correlation between firewall versions and required hotfixes as well as the security vulnerabilities.
(ovw)
