CVE-2020-9363 vulnerability in Sophos Products
Published on February 24, 2020

The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction.

NVD

Products Associated with CVE-2020-9363

Want to know whenever a new CVE is published for Sophos products? stack.watch will email you.

Sophos Cloud Optix

Sophos Endpoint Protection

Sophos Intercept X Endpoint

Sophos Intercept X For Server

Sophos Mobile

Sophos Secure Web Gateway

Exploit Probability

EPSS

0.06%

Percentile

19.68%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-9363 vulnerability in Sophos ProductsPublished on February 24, 2020

Products Associated with CVE-2020-9363

Exploit Probability

CVE-2020-9363 vulnerability in Sophos Products
Published on February 24, 2020