CyberSecurityBoard
Sponsor Register Login

Sophos Wireless Access Points Vulnerability Exposes Networks to Remote Attacks

A critical vulnerability has been discovered in Sophos wireless access points, potentially allowing remote attackers to compromise enterprise networks. This security flaw affects multiple models of Sophos AP devices and can be exploited without authentication, posing a significant risk to organizations relying on these devices for secure wireless connectivity. The vulnerability enables attackers to execute arbitrary code remotely, leading to unauthorized access and control over network resources. Sophos has released patches and urged users to update their firmware immediately to mitigate the threat. This incident highlights the importance of timely security updates and vigilant network monitoring to prevent exploitation of such vulnerabilities. Enterprises are advised to review their wireless infrastructure security posture and apply recommended mitigations promptly to safeguard against potential breaches. The discovery underscores ongoing challenges in securing IoT and network hardware against sophisticated cyber threats.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 10 Sep 2025 07:35:13 +0000


Cyber News related to Sophos Wireless Access Points Vulnerability Exposes Networks to Remote Attacks

Wireless Visibility: The MUST for Zero Trust - Without addressing the wireless problem, our Zero Trust posture is incomplete. Wireless devices number in the tens of billions worldwide, and their presence continues to grow. All of these devices have the potential to connect to our networks in some ...
1 year ago Cybersecurity-insiders.com
CVE-2025-40000 - In the Linux kernel, the following vulnerability has been resolved: ...
2 months ago
Wireless Network Security: Safeguarding Your Digital Haven - As the ubiquity of wireless networks grows, so does the need for proper security measures to protect home networks from malicious attacks. Ensuring secure connections and maintaining a safe online environment requires a comprehensive understanding of ...
2 years ago Securityzap.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
2 years ago Esecurityplanet.com
Palo Alto Networks and IBM to Jointly Provide AI-Powered Security Offerings - PRESS RELEASE. SANTA CLARA, Calif. and ARMONK, N.Y., May 15, 2024 /PRNewswire/ - Palo Alto Networks, the global cybersecurity leader, and IBM, a leading provider of hybrid cloud and AI, today announced a broad-reaching partnership to deliver ...
1 year ago Darkreading.com
Sophos Wireless Access Points Vulnerability Exposes Networks to Remote Attacks - A critical vulnerability has been discovered in Sophos wireless access points, potentially allowing remote attackers to compromise enterprise networks. This security flaw affects multiple models of Sophos AP devices and can be exploited without ...
4 months ago Cybersecuritynews.com CVE-2024-12345
Sophos Patches EOL Firewalls Against Exploited Vulnerability - UK-based cybersecurity firm Sophos this week announced patches for an exploited vulnerability in Firewall versions that have reached End-of-Life. The critical-severity flaw, tracked as CVE-2022-3236, was found to impact versions 19.0 MR1 and older of ...
2 years ago Securityweek.com CVE-2022-3236
Nozomi Networks Delivers Multi-Spectrum Wireless Security Sensor for Global OT and IoT Environments - PRESS RELEASE. SAN FRANCISCO, January 24, 2024 - Nozomi Networks Inc., the leader in OT and IoT security, today introduced Guardian Air™, the industry's only wireless spectrum sensor purpose-built for OT and IoT environments worldwide. With 80 ...
1 year ago Darkreading.com
CVE-2018-0250 - A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured ...
6 years ago
How ransomware gangs are engaging - As ransomware gangs continue to market themselves as legitimate businesses complete with customer service representatives, new research from Sophos showed that threat actors are expanding public relations efforts to further pressure victims into ...
2 years ago Techtarget.com LockBit Snatch
Sophos backports RCE fix after attacks on unsupported firewalls - Sophos was forced to backport a security update for CVE-2022-3236 for end-of-life firewall firmware versions after discovering hackers actively exploiting the flaw in attacks. The flaw is a code injection problem in the User Portal and Webadmin of ...
2 years ago Bleepingcomputer.com CVE-2022-3236
Fraudsters Successfully Inserted Cryptocurrency Programs into Apple and Google's App Stores - Scammers were able to get two malicious apps onto the app stores of both Google and Apple, allowing them to trick users into investing in fake cryptocurrency. According to a report from Sophos, the apps, Ace Pro and MBM BitScan, were found on both ...
2 years ago Therecord.media
Cybercriminals Hesitant About Using Generative AI - Cybercriminals are so far reluctant to use generative AI to launch attacks, according to new research by Sophos. Examining four prominent dark-web forums for discussions related to large language models, the firm found that threat actors showed ...
2 years ago Infosecurity-magazine.com
Critical Ruckus Wireless Vulnerabilities Exposes Enterprise Wireless Networks - These vulnerabilities, disclosed on July 8, 2025, affect wireless network management systems that can scale up to 10,000 access points and 150,000 connected clients, making them particularly concerning for large-scale deployments in schools, ...
6 months ago Cybersecuritynews.com CVE-2025-44958
Critical Sophos Firewall Vulnerabilities Enables pre-auth Remote Code Execution - Multiple security vulnerabilities affecting Sophos firewall products, with two enabling pre-authentication remote code execution that could allow attackers to compromise systems without valid credentials. Users running supported versions including ...
5 months ago Cybersecuritynews.com CVE-2025-6704
Personal data stolen from unsuspecting airport visitors and plane passengers in "evil twin" attacks, man charged - The Australian Federal Police have charged a man for setting up fake free WiFi access points in order to steal personal data from people. The crime was discovered when an airline reported a suspicious WiFi network identified by its employees during a ...
1 year ago Malwarebytes.com
Personal data stolen from unsuspecting airport visitors and plane passengers in "evil twin" attacks, man charged - The Australian Federal Police have charged a man for setting up fake free WiFi access points in order to steal personal data from people. The crime was discovered when an airline reported a suspicious WiFi network identified by its employees during a ...
1 year ago Malwarebytes.com
Windows 11, Red Hat Linux, & Oracle VirtualBox Hacked - Pwn2Own Day 1 - Sina Kheirkhah (@SinSinology) of Summoning Team and Viettel Cyber Security (@vcslab) both demonstrated successful exploits, each earning $15,000 and 1.5 Master of Pwn points despite the vendor’s prior knowledge of the vulnerabilities. Red Hat Linux ...
7 months ago Cybersecuritynews.com
Sophos: Remote ransomware attacks on SMBs increasing - Sophos researchers observed a shift in threat activity against small businesses in 2023, including a surge in remote ransomware attacks, according to new research published Tuesday. Although the vendor said ransomware continues to be the primary ...
1 year ago Techtarget.com
CISA warns of actively exploited Windows, Sophos, and Oracle bugs - The U.S. Cybersecurity & Infrastructure Security Agency has added to its catalog of known exploited vulnerabilities three security issues that affect Microsoft devices, a Sophos product, and an enterprise solution from Oracle. The KEV catalog ...
2 years ago Bleepingcomputer.com CVE-2023-36584 CVE-2023-1671 LockBit
CVE-2018-0249 - A vulnerability when handling incoming 802.11 Association Requests for Cisco Aironet 1800 Series Access Point (APs) on Qualcomm Atheros (QCA) based hardware platforms could allow an unauthenticated, adjacent attacker to cause a denial of service ...
5 years ago
Crypto scam apps infiltrate Apple App Store and Google Play - Operators of high-yielding investment scams known as "Pig butchering" have found a way to bypass the defenses in Google Play and Apple's App Store, the official repositories for Android and iOS apps. Pig butchering scams have been happening for a few ...
2 years ago Bleepingcomputer.com
Sophos Joins Security Companies in Cutting Staff - Sophos has joined the list of cybersecurity companies that are cutting staff following the implementation of measures to cope with the current global economic crisis. The Cambridge-based firm announced on May 11 that it was reducing its workforce ...
2 years ago Securityweek.com
CVE-2022-49235 - In the Linux kernel, the following vulnerability has been resolved: ...
10 months ago
CVE-2025-21910 - In the Linux kernel, the following vulnerability has been resolved: ...
9 months ago

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)