CVE-2025-6704

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Sophos Firewall versions prior to 21.0 MR2 (21.0.2)

Description An arbitrary file writing vulnerability exists in the Secure PDF eXchange (SPX) feature. This issue can lead to pre-authentication remote code execution when a specific SPX configuration is enabled in combination with the firewall operating in High Availability (HA) mode.

Recommendations Update Sophos Firewall to version 21.0 MR2 (21.0.2) or later.

Fix

RCE

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

BDU:2025-14340

CVE-2025-6704

Affected Products

Sophos Firewall

CVE-2025-6704

Weakness Enumeration

Related Identifiers

Affected Products

References · 28