Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x prior to 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically proximate malicious users to obtain desktop access by leveraging the absence of a login screen.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sophos enterprise console 5.2 |
||
sophos enterprise console |
||
sophos enterprise console 5.2.1 |
||
sophos enterprise console 5.1 |