CVE-2025-7624
Published 2025-07-21
Priority: P267 | critical | 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 7.24% (93.6th percentile)
An SQL injection vulnerability in the legacy (transparent) SMTP proxy of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to remote code execution, if a quarantining policy is active for Email and SFOS was upgraded from a version older than 21.0 GA.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sophos | firewall_firmware | < 21.0.2 | 21.0.2 |
| sophos | sophos_firewall | < 21.0 MR2 (21.0.2) | 21.0 MR2 (21.0.2) |
No detection rules found.
No public exploits indexed.
Checkpoint
28th July – Threat Intelligence Report
blogs_checkpoint·2025-07-28·CVSS 9.8
CVE-2025-53770 [CRITICAL] 28th July – Threat Intelligence Report
## 28th July – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 28th July, please download our Threat Intelligence Bulletin.
TOP ATTACKS AND BREACHES
The US Energy Department, including its National Nuclear Security Administration (NNSA), was reportedly breached as part of a Microsoft SharePoint vulnerability exploit. The breach was linked to a broader espionage campaign that targeted government agencies via the CVE-2025-53770 The extent of the intrusion and data compromise
Bugzilla
CVE-2022-49437 kernel: powerpc/xive: Fix refcount leak in xive_spapr_init
bugzilla·2025-02-26·CVSS 5.5
CVE-2022-49437 [MEDIUM] CVE-2022-49437 kernel: powerpc/xive: Fix refcount leak in xive_spapr_init
In the Linux kernel, the following vulnerability has been resolved:
powerpc/xive: Fix refcount leak in xive_spapr_init
of_find_compatible_node() returns a node pointer with refcount
incremented, we should use of_node_put() on it when done.
Add missing of_node_put() to avoid refcount leak.
Discussion:
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025022657-CVE-2022-49437-7624@gregkh/T
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2025:20518 https://access.redhat.com/errata/RHSA-2025:20518