CVE-2020-9363

HIGH

Sophos Cloud Optix < 2020-01-14 - Interpretation Conflict

Title source: rule

Description

The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction.

References (2)

[Third Party Advisory] https://blog.zoller.lu/p/release-mode-coordinated-disclosure-ref.html

[Vendor Advisory] https://community.sophos.com/b/security-blog/posts/sophos-comments-to-cve-2020-9363

Scores

CVSS v3 7.8

EPSS 0.0006

EPSS Percentile 19.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-436

Status published

Products (6)

sophos/cloud_optix < 2020-01-14

sophos/endpoint_protection < 2020-01-14

sophos/intercept_x_endpoint < 2020-01-14

sophos/intercept_x_for_server < 2020-01-14

sophos/mobile < 2020-01-14

sophos/secure_web_gateway < 2020-01-14

Published Feb 24, 2020

Tracked Since Feb 18, 2026