CVE-2022-3236

CVE-2022-3236 is a critical code injection security vulnerability that was identified in the Sophos Firewall product. This flaw, a result of software design or implementation issues, was being actively exploited by malicious actors in the wild. The vulnerability was first brought to light by Sophos in September 2022, as they issued a warning to users about the potential risks and started working on patches to address this issue. By the end of September 2022, Sophos had resolved the Remote Code Execution (RCE) vulnerability in their firewall product. They released patches that were aimed at mitigating the risks associated with CVE-2022-3236. These patches were designed to protect devices from the active exploits being carried out by attackers. The information regarding these patches and their deployment was shared via Sophos's security advisories. Over a year after the initial patch delivery, Sophos has continued its efforts to ensure the safety of its user base. Recognizing the ongoing risk, especially for End-Of-Life (EOL) devices that might still be in use, Sophos has released additional patches. These new patches are intended to further safeguard vulnerable EOL devices from potential exploitation due to the CVE-2022-3236 vulnerability.