Sophos Endpoint Protection vulnerabilities
3 known vulnerabilities affecting sophos/endpoint_protection.
Total CVEs: 3
CISA KEV: 0
Public exploits: 2
Exploited in wild: 0
Severity breakdown: HIGH 2, MEDIUM 1
Vulnerabilities
CVE-2018-9233 | P3 | HIGH | CVSS 7.8 | CWE-916 | PoC | v10.7 | 2018-04-05
Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for attackers to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow tables or other approaches.
nvd
CVE-2018-4863 | P4 | MEDIUM | CVSS 5.5 | CWE-254 | PoC | v10.7 | 2018-04-05
Sophos Endpoint Protection 10.7 allows local users to bypass an intended tamper protection mechanism by deleting the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Sophos Endpoint Defense\ registry key.
nvd
CVE-2020-9363 | P3 | HIGH | CVSS 7.8 | CWE-436 | fixed in 2020-01-14 | 2020-02-24
The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extra
nvd