Unrated severityCISA KEVNVD Advisory· Published Sep 25, 2020· Updated Oct 21, 2025
CVE-2020-25223
CVE-2020-25223
Description
A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11
Affected products
1- Sophos/SG UTMdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- packetstormsecurity.com/files/164697/Sophos-UTM-WebAdmin-SID-Command-Injection.htmlmitre
- community.sophos.com/b/security-blogmitre
- community.sophos.com/b/security-blog/posts/advisory-resolved-rce-in-sg-utm-webadmin-cve-2020-25223mitre
- cwe.mitre.org/data/definitions/78.htmlmitre
- www.secpod.com/blog/remote-code-execution-in-sophos-utm/mitre
News mentions
0No linked articles in our index yet.