AI description
CVE-2025-6704 is an arbitrary file writing vulnerability found in the Secure PDF eXchange (SPX) feature of Sophos Firewall versions older than 21.0 MR2 (21.0.2). The vulnerability is triggered when a specific configuration of SPX is enabled and the firewall is running in High Availability (HA) mode. This vulnerability could allow an attacker to perform pre-authentication remote code execution. The vulnerability impacts approximately 0.05% of deployed devices.
- Description
- An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to pre-auth remote code execution, if a specific configuration of SPX is enabled in combination with the firewall running in High Availability (HA) mode.
- Source
- security-alert@sophos.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security-alert@sophos.com
- CWE-78
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
3
Warning: Critical vulnerabilities in @Sophos #Firewall! CVE-2025-6704, CVE-2025-7624, CVE-2025-7382, CVE-2024-13974 CVSS 8.1, CVE-2024-13973 with highest CVSS 9.8. These flaws allow remote code execution! Update and secure your systems NOW! https://t.co/J4yeQ0AEP2 #RCE #Patch
@CCBalert
26 Jul 2025
89 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 ثغرات حرجة في @Sophos و @SonicWall تتيح تنفيذ أوامر عن بُعد بدون مصادقة تم إصدار تحديثات أمنية لمعالجة الثغرات التالية: 🔹 Sophos: - CVE-2025-6704 (9.8) - CVE-2025-7624 (9.8) - CVE-2025
@cyberscastx
25 Jul 2025
877 Impressions
0 Retweets
5 Likes
1 Bookmark
2 Replies
0 Quotes
🚨Alert🚨 :Multiple Vulnerabilities in Sophos Firewall CVE-2025-6704:An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature CVE-2025-7624:An SQL injection vulnerability in the legacy (transparent) SMTP proxy CVE-2025-7382:A command injection https://
@HunterMapping
25 Jul 2025
2565 Impressions
17 Retweets
34 Likes
11 Bookmarks
1 Reply
1 Quote
SophosとSonicWallのファイアウォールに重大なRCE脆弱性(CVE-2025-6704、CVE-2025-7624) https://t.co/QN0cDLxXfz #Security #セキュリティ #ニュース
@SecureShield_
25 Jul 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SophosとSonicWallは、それぞれの製品に重大なセキュリティ脆弱性があることを警告した。 Sophos Firewallでは、CVE-2025-6704とCVE-2025-7624(CVSSスコア9.8)を含む複数の脆弱性が修正された。
@yousukezan
24 Jul 2025
569 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
🔴 [ALERTA CIBERSEGURIDAD] Vulnerabilidad crítica Zero-Day en Sophos Firewall (CVE-2025-6704, 7624, 7382, 2024-13974, 13973). ⚠️ ¡Actualiza ya para mitigar riesgo de acceso remoto no autorizado! #Ciberseguridad #Sophos #Compunet #SOC https://t.co/Hlk3L6WWqi
@CompunetChile
24 Jul 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Sophos Firewall and SonicWall SMA 100 Series have critical vulnerabilities (CVE-2025-6704, CVE-2025-7624, CVE-2025-40599) enabling remote code execution. Although affecting a small percentage, immediate patches are advised. #SecurityUpdate #Firewalls https://t.co/MdFIZD93IL
@TweetThreatNews
24 Jul 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Sophos fixed two critical Sophos Firewall vulnerabilities Sophos has patched five vulnerabilities in its Firewall product, including two critical flaws—CVE-2025-6704 and CVE-2025-7624 (CVSS 9.8)—that enable pre-auth remote code execution via the SPX feature and legacy SMTP h
@dCypherIO
24 Jul 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Sophosのファイアウォールに重大な脆弱性-既に修正済み(CVE-2025-6704, CVE-2025-7624, CVE-2025-7382, CVE-2024-13974, CVE-2024-13973) #セキュリティ対策Lab #セキュリティ #Security https://t.co/2dK1mTiAZf
@securityLab_jp
24 Jul 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidades en Sophos Firewall ❗CVE-2025-6704 ❗CVE-2025-7624 ❗CVE-2025-7382 ➡️Más info: https://t.co/0HyyI2iRS9 https://t.co/OAss4bgdlw
@CERTpy
23 Jul 2025
146 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ تحذير أمني Sophos Firewall 🔴 الثغرات: CVE-2025-6704 CVE-2025-7624 CVE-2024-13973 🔴 الخطر: - تنفيذ هجمات SQL Injection. - تحميل وتنفيذ ملفات خبيثة. - رفع الصلاحيات والسيطرة الكامل
@BasharALYAsser1
22 Jul 2025
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️⚠️ CVE-2025-6704、CVE-2025-7624 Sophos Firewall Emergency Update: Two Critical RCE Vulnerabilities Patched 🎯29k+Results are found on the https://t.co/pb16tGYaKe nearly year 🔗FOFA Link:https://t.co/FGG6AHd3Tz FOFA Query:app="SOPHOS-Firewall" 🔖Refer:https://t.co
@fofabot
22 Jul 2025
1664 Impressions
10 Retweets
24 Likes
6 Bookmarks
0 Replies
0 Quotes
🚨🚨Two Critical RCE Flaws in Sophos Firewall CVE-2025-6704: Pre-auth RCE via SPX + HA mode. Arbitrary file writing in SPX allows RCE! CVE-2025-7624: SQL injection in legacy SMTP proxy. Upgraded from older versions with email quarantine? RCE risk! ZoomEye Dork👉app="Soph
@zoomeye_team
22 Jul 2025
1348 Impressions
7 Retweets
16 Likes
6 Bookmarks
0 Replies
0 Quotes
🚨🚨Two Critical RCE Flaws in Sophos Firewall CVE-2025-6704: Pre-auth RCE via SPX + HA mode. Arbitrary file writing in SPX allows RCE! CVE-2025-7624: SQL injection in legacy SMTP proxy. Upgraded from older versions with email quarantine? RCE risk! ZoomEye Dork👉app="Soph
@zoomeye_team
22 Jul 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes