CVE-2022-3980
CRITICAL EXPLOITED NUCLEISophos Mobile 5.0.0-9.7.4 - XML External Entity Injection
Title source: llmExploitation Summary
CVE-2022-3980 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4.
Nuclei Templates (1)
Sophos Mobile managed on-premises - XML External Entity Injection
CRITICALVERIFIEDby dabla
Shodan:
http.favicon.hash:-1274798165 || http.title:"sophos mobile"
FOFA:
title="Sophos Mobile" || icon_hash=-1274798165 || title="sophos mobile"
References (1)
Core 1
Core References
Patch, Vendor Advisory
https://www.sophos.com/en-us/security-advisories/sophos-sa-20221116-smc-xee
Scores
CVSS v3
9.8
EPSS
0.0809
EPSS Percentile
94.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
VulnCheck KEV
2023-11-13
CWE
CWE-611
Status
published
Products (1)
sophos/mobile
5.0.0 - 9.7.5
Published
Nov 16, 2022
Tracked Since
Feb 18, 2026