Sophos Intercept X for Windows Vulnerabilities Enable Arbitrary Code Execution

Threat Level

85% Cybersecurity News 4 hours ago Part of cluster #1257

Three critical vulnerabilities in the Sophos Intercept X for Windows product family could allow local attackers to achieve arbitrary code execution with system-level privileges. Identified as CVE-2024-13972, CVE-2025-7433, and CVE-2025-7472, the flaws span registry permission misconfigurations, a weakness in the Device Encryption component, and an issue in the Windows installer running under the SYSTEM account. […]...

Continue Reading on Original Site

Recommended Articles

CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign

The Hacker News 6 hours ago

The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a phishing campaign that's designed to deliver a malware codenamedLAMEHUG. "An obvious feature of LAMEHUG is the use ...

In Other News: Law Firm Hacked by China, Symantec Flaw, Meta AI Hack, FIDO Key Bypass

SecurityWeek 3 hours ago

Noteworthy stories that might have slipped under the radar: powerful US law firm hacked by China, Symantec product flaw, $10,000 Meta AI hack, cryptocurrency thieves bypassing FIDO keys....

New Phobos ransomware decryptor lets victims recover files for free

BleepingComputer 1 hour ago

New Phobos ransomware decryptor lets victims recover files for free Lawrence Abrams July 18, 2025 11:56 AM 0 The Japanese police have released a Phobos and 8-Base ransomware decryptor that lets victim...

‘UNC3886 is Attacking Our Critical Infrastructure Right Now’: Singapore’s National Security Lawmaker

The Cyber Express 2 hours ago

In a rare and urgent late-night address, a senior Singapore official confirmed that the country is currently facing a sophisticated and ongoing cyberattack targeting its critical infrastructure. The a...

Hackers scanning for TeleMessage Signal clone flaw exposing passwords

BleepingComputer 2 hours ago

Hackers scanning for TeleMessage Signal clone flaw exposing passwords Bill Toulas July 18, 2025 11:06 AM 0 Researchers are seeing exploitation attempts for the CVE-2025-48927 vulnerability in the Tele...

Threat Intelligence

Business Intelligence

Companies 1

Security Vendors 1

Sophos

Platforms 1

Windows

Technical Indicators

CVEs 3

CVE-2024-13972 CVE-2025-7433 CVE-2025-7472

Information

Article ID: #3805
Published: 4 hours ago
Source: Cybersecurity News

Recommended Articles

CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign

In Other News: Law Firm Hacked by China, Symantec Flaw, Meta AI Hack, FIDO Key Bypass

New Phobos ransomware decryptor lets victims recover files for free

‘UNC3886 is Attacking Our Critical Infrastructure Right Now’: Singapore’s National Security Lawmaker

Hackers scanning for TeleMessage Signal clone flaw exposing passwords

Save to Folder

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies