Sophos released UTM 9.705. The release will be rolled out in phases.
- In phase 1 you can download the update package from their download server
- In phase 2 they will make it available via their Up2Date servers to all installations
Up2Date Information for 9.705
News
- Maintenance Release
Remarks
- System will be rebooted
Issues Resolved
- NUTM-12235 [Basesystem, SUM] UTM not accessible through SUM gateway manager
- NUTM-12234 [Basesystem] Remote Code Execution vulnerability in UTM WebAdmin
- NUTM-12250 [Wireless] AP Wireless Networks restart continuously-9.704
IMPORTANT: This release fixes a Remote Code Execution vulnerability in UTM WebAdmin. If you have WebAdmin or the Userportal open to any IP (which of course you have not), it could be exploited! During COVID-19 there have been a lot of attacks on perimeter equipment, so an exploit is likely to happen!
Another fix concerns Single Sign On from SUM: previously you would not get to the dashboard of the UTM. This is also fixed in 9.705 – I have tested it.
Hi Martin,
I've linked your article on my blog. Do you have any information about the vulnerability?
Hi Thorsten,
Thanks
No sadly, but I just know that it can be exploited if Userportal and Webadmin is open to
In every note there is no reference that it is actually targeting the userportal too. Do you just recommend not to publish the user portal to the public and assume it is vulnerable as well as the actual webadmin?
Thanks for clearance
It is very risky to open the userportal to WAN anyway, so please do not ever do that. If someone guesses the password and downloads the VPN client, you are lost.
I know the notes state that webadmin was vulnerable, but there is a high chance that userportal will be too… eventually. I cannot define more than this.