Search
Search Results (5 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25269 | 1 Sophos | 3 Exploit Prevention, Intercept X Endpoint, Intercept X For Server | 2024-11-21 | 4.4 Medium |
| A local administrator could prevent the HMPA service from starting despite tamper protection using an unquoted service path vulnerability in the HMPA component of Sophos Intercept X Advanced and Sophos Intercept X Advanced for Server before version 2.0.23, as well as Sophos Exploit Prevention before version 3.8.3. | ||||
| CVE-2021-25266 | 1 Sophos | 2 Authenticator, Intercept X | 2024-11-21 | 3.9 Low |
| An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495. | ||||
| CVE-2021-25264 | 1 Sophos | 2 Home, Intercept X | 2024-11-21 | 6.7 Medium |
| In multiple versions of Sophos Endpoint products for MacOS, a local attacker could execute arbitrary code with administrator privileges. | ||||
| CVE-2020-9363 | 1 Sophos | 6 Cloud Optix, Endpoint Protection, Intercept X Endpoint and 3 more | 2024-11-21 | 7.8 High |
| The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction. | ||||
| CVE-2024-8885 | 1 Sophos | 1 Intercept X | 2024-10-04 | 8.8 High |
| A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files. | ||||
Page 1 of 1.