Sophos, a well-known cybersecurity solutions provider, has promptly resolved a significant security vulnerability discovered in its Sophos Firewall product.
The flaw, reported by IT für Caritas eG, affected the Secure PDF eXchange (SPX) feature and could have exposed sensitive data.
It only affected users who had selected the “specified by sender” password type in the SPX feature.
Password Disclosure Vulnerability
The password disclosure vulnerability (CVE-2023-5552) allowed an attacker to access the password of the encrypted PDF file generated by the SPX feature.
This could have compromised the confidentiality and integrity of the data contained in the PDF file. IT für Caritas eG, a German IT service provider, discovered and responsibly disclosed the flaw.
Users who have enabled the default setting of “Allow automatic installation of hotfixes” on their Sophos Firewall are unaffected by this issue.
Temporary Solution
Users concerned about this flaw can apply a temporary solution by changing the “Password type” option in their SPX template to “Generated and stored for the recipient.”
This will prevent the password from being disclosed to an attacker.
Permanent Solution
Users who want to resolve this flaw completely should make sure they are running a supported version of Sophos Firewall.
The flaw affects v19.5 MR3 (19.5.3) and older. Sophos has released hotfixes for the following versions:
- v19.5 MR3 and MR2 (hotfixes released on October 12, 2023)
- v20.0 EAP1, v19.5 MR1-1, MR1, and GA (hotfixes released on October 13, 2023)
- v19.0 MR3, MR2, MR1-1, and MR1 (hotfixes released on October 13, 2023)
Additionally, the fix for this flaw is included in v19.5 MR4 (19.5.4) and v20.0 GA.
Users running older versions of Sophos Firewall are strongly advised to upgrade to the latest version to get the best protection and this important fix.
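To turn the advisory details above into a quick inventory check, here is an added example (not Sophos code) that classifies each firewall by whether it runs a fixed release, has a hotfix available, or must be upgraded, and whether its SPX template still uses the exposed password type. The version strings, hostnames and inventory rows are constructed sample data; the assumption that releases newer than v19.5 MR4 and v20.0 GA keep the fix is the author's own.

```python
# Added example, not Sophos code: triage a constructed firewall inventory
# against the CVE-2023-5552 advisory details quoted on this page.
import re

EXPOSED_PASSWORD_TYPE = "specified by sender"   # the only SPX setting affected

_VER = re.compile(
    r"^v?(?P<major>\d+)\.(?P<minor>\d+)"
    r"(?:\.(?P<dmr>\d+)(?:[.-](?P<dsub>\d+))?"                      # 19.5.3, 19.5.1-1
    r"|\s*(?:GA|MR(?P<mr>\d+)(?:-(?P<sub>\d+))?|EAP(?P<eap>\d+)))?$",  # MR3, MR1-1, EAP1
    re.IGNORECASE,
)

def version_key(label):
    """Normalise 'v19.5 MR3', '19.5.3', 'v20.0 GA' or 'v20.0 EAP1' to a sortable tuple."""
    m = _VER.match(label.strip())
    if not m:
        raise ValueError(f"unrecognised Sophos Firewall version: {label!r}")
    major, minor = int(m["major"]), int(m["minor"])
    if m["eap"]:                        # early-access build: sorts before GA
        return (major, minor, -1, int(m["eap"]))
    return (major, minor, int(m["dmr"] or m["mr"] or 0), int(m["dsub"] or m["sub"] or 0))

# Releases that received hotfixes (advisory list); they install automatically
# when "Allow automatic installation of hotfixes" is enabled.
HOTFIXED = {version_key(v) for v in (
    "v19.5 MR3", "v19.5 MR2", "v19.5 MR1-1", "v19.5 MR1", "v19.5 GA", "v20.0 EAP1",
    "v19.0 MR3", "v19.0 MR2", "v19.0 MR1-1", "v19.0 MR1")}

def is_fixed(key):
    """Fix ships in v19.5 MR4 (19.5.4) and v20.0 GA; later releases assumed to keep it."""
    major, minor, mr, _ = key
    if (major, minor) == (20, 0):
        return mr >= 0                  # GA or any MR; EAP builds rely on the hotfix
    return key >= (19, 5, 4, 0)

def triage(version, auto_hotfix, spx_password_type):
    """Return (status, currently_exposed) for one firewall and its SPX template."""
    key = version_key(version)
    exposed = spx_password_type.strip().lower() == EXPOSED_PASSWORD_TYPE
    if is_fixed(key):
        return "fixed", False
    if key in HOTFIXED:
        return ("hotfixed", False) if auto_hotfix else ("hotfix-pending", exposed)
    return "upgrade-required", exposed  # unsupported build: no hotfix exists

if __name__ == "__main__":
    inventory = [  # constructed sample data: (host, version, auto-hotfix, SPX password type)
        ("fw-dmz-01", "v19.5 MR3", True, "Specified by sender"),
        ("fw-branch-02", "19.5.2", False, "Specified by sender"),
        ("fw-lab-03", "v18.5 MR4", False, "Generated and stored for the recipient"),
        ("fw-hq-04", "v20.0 GA", True, "Specified by sender"),
    ]
    for host, ver, auto, ptype in inventory:
        status, exposed = triage(ver, auto, ptype)
        print(f"{host:13} {ver:10} {status:16} exposed={exposed}")
```

Hosts reported as "hotfix-pending" or "upgrade-required" with exposed=True are the ones where switching the SPX password type to “Generated and stored for the recipient” is the interim measure until the hotfix or upgrade lands.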
This incident reminds users of the importance of updating their software and applying patches and hotfixes as soon as possible to maintain a strong cybersecurity posture.