CVE-2021-25269 - Sophos Exploit Prevention, Sophos Intercept X Endpoint and Sophos Intercept X For Server

Moderate 4.4

A local administrator could prevent the HMPA service from starting despite tamper protection using an unquoted service path vulnerability in the HMPA component of Sophos Intercept X Advanced and Sophos Intercept X Advanced for Server before version 2.0.23, as well as Sophos Exploit Prevention before version 3.8.3.

Affected software

Sophos Exploit Prevention

Sophos Intercept X Endpoint

Sophos Intercept X For Server

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.