CVE-2022-1040β€”Sophos Firewall Authentication Bypass Vulnerability

PUBLISHEDvulnerability record
2022-03-31 Β· last modified June 21, 2025

Metadata

CVE ID:
CVE-2022-1040
Project:
Sophos
Product:
Firewall
Date Added:
2022-03-31
Due Date:
2022-04-21
Last Updated:
June 21, 2025

Vulnerability Name

Sophos Firewall Authentication Bypass Vulnerability

Description

An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply updates per vendor instructions.

Additional Notes

Related News Articles

Related Weaknesses