Sophos Mobile
By the Year
In 2024 there have been 0 vulnerabilities in Sophos Mobile . Mobile did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 9.80 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 7.80 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Mobile vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Sophos Mobile Security Vulnerabilities
An XML External Entity (XEE) vulnerability
CVE-2022-3980
9.8 - Critical
- November 16, 2022
An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4.
XXE
The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive
CVE-2020-9363
7.8 - High
- February 24, 2020
The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction.
Interpretation Conflict
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Sophos Secure Web Gateway or by Sophos? Click the Watch button to subscribe.
