The Sophos AV parsing engine prior to 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sophos cloud optix |
||
sophos endpoint protection |
||
sophos intercept x endpoint |
||
sophos intercept x for server |
||
sophos mobile |
||
sophos secure web gateway |