CVE-2022-3713
HIGHSophos XG Firewall Firmware < 19.0 - Code Injection
Title source: ruleDescription
A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall releases older than version 19.5 GA.
Scores
CVSS v3
8.8
EPSS
0.0011
EPSS Percentile
29.3%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Classification
CWE
CWE-94
Status
published
Affected Products (1)
sophos/xg_firewall_firmware
< 19.0
Timeline
Published
Dec 01, 2022
Tracked Since
Feb 18, 2026