CNNVD-202507-2357 Information

CNNVD ID

CNNVD-202507-2357

Related CVE

CVE-2024-13972

• CNNVD Published: 2025-07-17

Description (Chinese)

Sophos Intercept X是英国Sophos公司的一种端点保护。可防止未知恶意软件、漏洞利用和勒索软件。 Sophos Intercept X 2024.3.2之前版本存在安全漏洞，该漏洞源于注册表权限处理不当，可能导致本地用户在升级过程中获取SYSTEM权限。

Description (English)

Sophies Intercept X is an endpoint protection for the British company Sophos. Unknown malware, loophole use and extortion software can be prevented. There was a security loophole in the pre-Sphos Intercept X 2024.3.2 version, which stemmed from inappropriate processing of registry privileges, which could lead local users to acquire SYSTEM privileges during the upgrade process.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Sophos

Published

2025-07-17

Last Modified

2026-02-24

References

https://www.sophos.com/en-us/security-advisories/sophos-sa-20250717-cix-lpe https://access.redhat.com/security/cve/cve-2024-13972

Patch

https://www.sophos.com/en-us/support/downloads