CVE Daily

CVE-2025-7433

A local privilege escalation vulnerability in Sophos Intercept X for Windows wit...

High CVSS 8.8

Overview

A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2025.1 and older allows arbitrary code execution.

CWE: CWE-502 Published: 2025-07-17T20:15:32.217
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 8.8 (HIGH)
  • Detected tags: priv_esc, rce (tag impact: VERY HIGH)

Recommended actions:

  • Fix privilege escalation urgently.
  • Enforce least-privilege and strengthen EDR detection.
  • Patch/upgrade immediately (remote code execution).
  • Reduce exposure (WAF/segmentation), minimize attack surface.

Recommended tools

Tags