CVE-2020-9363
moderate-risk
Published 2020-02-24
The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction.
Do I need to act?
-
0.06% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10
High
LOCAL
/ LOW complexity
Affected Products (6)
Cloud Optix
Endpoint Protection
Intercept X Endpoint
Intercept X For Server
Secure Web Gateway
Affected Vendors
References (4)
Third Party Advisory
https://blog.zoller.lu/p/release-mode-coordinated-disclosure-ref.html
Third Party Advisory
https://blog.zoller.lu/p/release-mode-coordinated-disclosure-ref.html
37
/ 100
moderate-risk
Severity
24/34 · High
Exploitability
0/34 · Minimal
Exposure
13/34 · Low