CVE-2024-13974

High CVSS 8.1

Overview

A business logic vulnerability in the Up2Date component of Sophos Firewall older than version 21.0 MR1 (20.0.1) can lead to attackers controlling the firewall’s DNS environment to achieve remote code execution.

CWE: CWE-807 Published: 2025-07-21T14:15:29.173

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 8.1 (HIGH)
Detected tags: rce (tag impact: VERY HIGH)

Recommended actions:

Patch/upgrade immediately (remote code execution).
Reduce exposure (WAF/segmentation), minimize attack surface.

Overview

Recommended tools

Tags