Sophos and SonicWall Patch Critical RCE Flaws Affecting Firewalls and SMA 100 Devices

Threat Score:
54
The Hacker News
1 month ago

Overview

Sophos and SonicWall have alerted users of critical security flaws in Sophos Firewall and Secure Mobile Access (SMA) 100 Series appliances that could be exploited to achieve remote code execution. The two vulnerabilitiesimpactingSophos Firewall are listed below - CVE-2025-6704(CVSS score: 9.8) - An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature can lead to pre-auth remote code execution, if a specific configuration of SPX is enabled in combination with the firewall...

Related Articles

5 articles
1
Amazon disrupts Russian APT29 hackers targeting Microsoft 365

Amazon disrupts Russian APT29 hackers targeting Microsoft 365

BleepingComputer 2 hours ago

Amazon disrupts Russian APT29 hackers targeting Microsoft 365 Bill Toulas September 1, 2025 11:35 AM 0 Researchers have disrupted an operation attributed to the Russian state- threat group Midnight Blizzard, which sought access to Microsoft 365 accounts and data. Also known as APT29, the hacker group compromised websites in a watering hole campaign to redirect selected targets "to malicious infrastructure designed to trick users into authorizing attacker-controlled devices through Microsoft’s de

Score
86
Read more
3

Grandes ataques cibernéticos, ataques de ransomware e violaciones de datos: agosto de 2025

Ciberseguridadpyme 8 hours ago

Revisión de los ⁢principales⁤ Ataques cibernéticos, ataques⁤ de Ransomware y‌ Violacias de Datos: Agosto 2025 El ciberespacio Ha​ Sido Durante Mucho Tiempo Un Campo de Batalla ⁤Tecnológico para Luchar contra ​la Ciberdelincuencia. Han ⁢Pasado Cinco Años Desde 2020, Un Año Marcado⁣ Por Un Número ‌sin precedentes de Ciberataques. Una organización​ Medida Que ⁢Las y⁣ las⁢ […] La entrada Grandes ataques cibernéticos, ataques de ransomware e violaciones de datos: agosto de 2025 se publicó primero en

Score
85
Read more