VYPR
High severity8.1NVD Advisory· Published Jul 21, 2025· Updated Jun 17, 2026

CVE-2024-13974

CVE-2024-13974

Description

A business logic vulnerability in the Up2Date component of Sophos Firewall older than version 21.0 MR1 (20.0.1) can lead to attackers controlling the firewall’s DNS environment to achieve remote code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Sophos/Sophos Firewallllm-fuzzy2 versions
    <21.0 MR1 (20.0.1)+ 1 more
    • (no CPE)range: <21.0 MR1 (20.0.1)
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.