SOPHOS UTM: [CRITICAL]: Up2Date 9.705, 9.607, 9.511 Released

Sophos released UTM 9.705. The release will be rolled out in phases.

  • In phase 1 you can download the update package from their download server
  • In phase 2 they will make it available via their Up2Date servers to all installations

Up2Date Information for 9.705


  • Maintenance Release


  • System will be rebooted

Issues Resolved

  • NUTM-12235 [Basesystem, SUM] UTM not accessible through SUM gateway manager
  • NUTM-12234 [Basesystem] Remote Code Execution vulnerability in UTM WebAdmin
  • NUTM-12250 [Wireless] AP Wireless Networks restart continuously-9.704

IMPORTANT: This release fixes a Remote Code Execution vulnerability in UTM WebAdmin, which, if you have the WebAdmin or Userportal open to any IP – which of course you have not, it could be exploited!! During COVID-19 there has been a lot of attacks on the perimeter equiment, so an exploit is likely to happen!

Another fix is that when you use Single Sign On from SUM, you will not get to the dashboard of the UTM, this is fixed with 9.705 also – I have tested it ๐Ÿ™‚



  1. Thorsten Sult

    Hi Martin,

    Iยดve linked your article on my blog. Do you have any information about the vulnerability?

    1. Martin (Post author)

      Hi Thorsten,
      Thanks ๐Ÿ™‚
      No sadly, but I just know that it can be exploited if Userportal and Webadmin is open to ๐Ÿ™‚

  2. Dennis

    In every note there is no reference, that it is actuall targeting the userportal too. do you just recomend not to post the user portal to public and assume to have it vulnerable as well as actual webadmin?
    Thanks for clearance

    1. Martin (Post author)

      It is very risky to open the userportal to WAN anways, so please do not ever do that ๐Ÿ™‚ If one guess the password and download vpn client, yo uare lost ๐Ÿ™‚
      I know the notes state that webadmin was vulnerable, but there is a high chance of userportal will be too…eventually..cannot define more than this ๐Ÿ™‚


Leave a Reply to Thorsten Sult Cancel reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.