CVE-2021-25269

MEDIUM

Sophos Intercept X Advanced <2.0.23 - Privilege Escalation

Title source: llm

Description

A local administrator could prevent the HMPA service from starting despite tamper protection using an unquoted service path vulnerability in the HMPA component of Sophos Intercept X Advanced and Sophos Intercept X Advanced for Server before version 2.0.23, as well as Sophos Exploit Prevention before version 3.8.3.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://www.sophos.com/en-us/security-advisories/sophos-sa-20211126-ixa-hmpa-local-dos

Scores

CVSS v3 4.4

EPSS 0.0024

EPSS Percentile 15.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-428

Status published

Products (3)

sophos/exploit_prevention < 3.8.3

sophos/intercept_x_endpoint < 2.0.23

sophos/intercept_x_for_server < 2.0.23

Published Nov 26, 2021

Tracked Since Feb 18, 2026