Resolved LPE vulnerability in Sophos Intercept X for Windows (CVE-2024-8885)

Zurück zur Übersicht der Sicherheitshinweise
High
CVE(s)
CVE-2024-8885
Updated:
Produkt(e)
Intercept X Endpoint
Veröffentlichungs-ID sophos-sa-20241002-cde-lpe
Artikelversion 1
Erstveröffentlichung
Provisorische Lösung No

Overview

Sophos has fixed a local privilege escalation vulnerability, allowing arbitrary file writing, in the Device Encryption component of Sophos Intercept X for Windows.

There is no action required for customers using the default updating policy, as updates for Recommended packages are installed automatically by default.

Customers using Fixed Term Support (FTS) or Long Term Support (LTS) packages are required to upgrade to receive this fix. See below for details.

Sophos would like to thank Sina Kheirkhah (@SinSinology) of watchTowr (https://watchtowr.com) for responsibly disclosing the issue to Sophos.

Applies to the following Sophos product(s) and version(s)

Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older

Remediation

  • Ensure you are running a supported version
  • Fix included in Device Encryption 2024.2.1.6 on September 19, 2024:
  • Users of older versions of Sophos Intercept X are required to upgrade to receive the latest protections, and this fix

Related information