Sophos has disclosed five independent security vulnerabilities affecting its Firewall products, with two critical vulnerabilities enabling attackers to achieve remote code execution without authentication.
The cybersecurity vendor published the advisory on July 21, 2025, detailing vulnerabilities that impact specific configurations of Sophos Firewall installations, though the affected device populations remain relatively small at less than 1% for most issues.
https://cyberpress.org/critical-sophos- ... abilities/