Call us Send E-Mail Contact & Persons

Critical RCE Vulnerability CVE-2022-1040 in Sophos Firewall Resolved

29th March 2022

Sophos has fixed the critical CVE-2022-1040 vulnerability in Sophos Firewall OS (SFOS). SFOS is used in Sophos Firewall types XGS and XG. The said vulnerability enables attackers to bypass authentication and to execute any type of remote code.

Sophos has provided hotfixes for various SFOS versions and has published further information in the Security Advisory.

With only a few exceptios, the Sophos Firewalls delivered by VIVAVIS are all SG Firewalls and are therefore not affected by this critical vulnerability.

Customers who are using an SFOS-based Sophos Firewall and who are affected by the vulnerability have already been contacted, and security measures have been implemented immediately.

If you have further questions on this matter or if you require support, please contact our Customer Support.


Peter Schwark


Our RSS feed always keeps you up to date! This way, you’ll receive same-day notification when a new article has been posted to the IT Security Bulletin. Just enter the following link in your feed reader:

You can find out how to integrate the RSS feed into Outlook here.