Are you confident that your network is impenetrable? Think again. A recently disclosed vulnerability in the Sophos Firewall, a security appliance used by many organizations around the world, allows an attacker to recover the password protecting PDF files sent through the firewall's Secure PDF eXchange (SPX) feature. In this article we look at the details of the flaw, who is affected, and why Sophos Firewall users should confirm they are patched without delay.

Sophos Firewall Password Disclosure Vulnerability: Patch Now!

Sophos has addressed a security flaw in its Firewall product. The vulnerability, reported to Sophos by IT für Caritas eG, affects the Secure PDF eXchange (SPX) feature and can expose the password of PDF files that SPX encrypts. Only deployments that use the "Specified by sender" option for the Password type in an SPX template are affected.

Password Disclosure Vulnerability:

The vulnerability (CVE-2023-5552) is a password disclosure flaw: an attacker can recover the password of encrypted PDF files generated by the SPX feature, and with it the confidentiality of the data inside those PDFs. IT für Caritas eG, a German IT service provider, discovered the flaw and reported it responsibly. Firewalls with the default setting "Allow automatic installation of hotfixes" enabled received the hotfix automatically; administrators of such systems only need to confirm that the hotfix has in fact been installed.

Temporary Solution:

Users who cannot apply the hotfix immediately can work around the issue by changing the Password type setting in their SPX template from "Specified by sender" to "Generated and stored for the recipient". Because only the sender-specified option is affected, this removes the vulnerable configuration from the template until the hotfix or upgrade is in place.

Permanent Solution:

Users who want to resolve the flaw completely should make sure they are running a firmware version that contains the fix, either through a published hotfix or by upgrading.

Sophos Firewall v19.5 MR3 (19.5.3) and older are affected. Sophos has released hotfixes for the following versions:

  • v19.5 MR3 and MR2 (hotfixes released on October 12, 2023)
  • v20.0 EAP1, v19.5 MR1-1, MR1, and GA (hotfixes released on October 13, 2023)
  • v19.0 MR3, MR2, MR1-1, and MR1 (hotfixes released on October 13, 2023)

The fix is also built into v19.5 MR4 (19.5.4) and v20.0 GA, so firewalls on those releases or later need no hotfix.

Users running older versions of Sophos Firewall, for which no hotfix is listed, are strongly advised to upgrade to a current release to obtain this fix along with the latest protection. The incident is a reminder to keep software current and to apply patches and hotfixes as soon as they become available.
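Auditing a fleet against the version and hotfix matrix above is easier with a small script than by hand, because Sophos reports builds both as dotted numbers (19.5.3) and as release labels (19.5 MR3, 19.5 MR1-1, 20.0 EAP1). The following Python is an added example written for this article, not Sophos code; the inventory at the bottom is constructed, and the `hotfix_applied` flag is an assumed field that you would fill in from your own records (for instance after checking each firewall's installed hotfixes in its console).

```python
"""Triage Sophos Firewall (SFOS) firmware versions against the CVE-2023-5552
fix matrix from the advisory summary above.

Added example for this article; not Sophos code. The inventory below is
constructed, and `hotfix_applied` is an assumed field you supply yourself.
"""
import re

# Firmware builds that ship the fix natively, as (major, minor, maintenance, sub).
FIXED_IN_FIRMWARE = [(19, 5, 4, 0), (20, 0, 0, 0)]

# Release labels for which Sophos published a hotfix.
HOTFIX_AVAILABLE = {
    "19.5 MR3", "19.5 MR2", "19.5 MR1-1", "19.5 MR1", "19.5 GA",
    "20.0 EAP1",
    "19.0 MR3", "19.0 MR2", "19.0 MR1-1", "19.0 MR1",
}


def parse_version(text):
    """Return a comparable (major, minor, maintenance, sub) tuple.

    Accepts dotted form ('19.5.3', '19.5.1.1') and label form
    ('19.5 MR3', '19.5 MR1-1', '19.5 GA', '20.0 EAP1'). GA is maintenance 0;
    EAP builds precede GA and are ranked below it with maintenance -1.
    """
    text = text.strip()
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)(?:\.(\d+))?", text)
    if m:
        major, minor, maint, sub = m.groups()
        return (int(major), int(minor), int(maint), int(sub or 0))
    m = re.fullmatch(r"(\d+)\.(\d+)\s+(GA|EAP\d+|MR\d+(?:-\d+)?)", text, re.IGNORECASE)
    if not m:
        raise ValueError(f"unrecognised SFOS version: {text!r}")
    major, minor, tag = m.groups()
    tag = tag.upper()
    if tag == "GA":
        return (int(major), int(minor), 0, 0)
    if tag.startswith("EAP"):
        return (int(major), int(minor), -1, int(tag[3:]))
    maint, _, sub = tag[2:].partition("-")
    return (int(major), int(minor), int(maint), int(sub or 0))


def label(v):
    """Render a parsed tuple back into Sophos' release-label form."""
    major, minor, maint, sub = v
    if maint == -1:
        return f"{major}.{minor} EAP{sub}"
    if maint == 0:
        return f"{major}.{minor} GA"
    return f"{major}.{minor} MR{maint}" + (f"-{sub}" if sub else "")


def is_fixed_firmware(v):
    """True if the build contains the fix natively (no hotfix required)."""
    line = v[:2]
    for base in FIXED_IN_FIRMWARE:
        if line == base[:2] and v >= base:
            return True
    # Any release line newer than the newest fixed line inherits the fix.
    return line > max(b[:2] for b in FIXED_IN_FIRMWARE)


def triage(version_text, hotfix_applied=False):
    """Classify one firewall: returns (status, recommended action)."""
    v = parse_version(version_text)
    if is_fixed_firmware(v):
        return "fixed", "no action: fix is built into this firmware"
    name = label(v)
    if name in HOTFIX_AVAILABLE:
        if hotfix_applied:
            return "hotfixed", "no action: hotfix installed"
        return "exposed", (f"apply the {name} hotfix (or enable automatic hotfixes); "
                           "meanwhile avoid 'Specified by sender' in SPX templates")
    return "unsupported", "upgrade to v19.5 MR4 / v20.0 GA or later; no hotfix for this build"


# Constructed sample inventory: (hostname, reported version, hotfix_applied).
INVENTORY = [
    ("fw-hq", "19.5 MR3", True),
    ("fw-branch", "19.5.3", False),
    ("fw-lab", "20.0 EAP1", False),
    ("fw-dc", "19.5 MR4", False),
    ("fw-old", "18.5 MR5", False),
]


def report(inventory=INVENTORY):
    """Map hostname -> (status, action) for the whole inventory."""
    return {host: triage(ver, applied) for host, ver, applied in inventory}


if __name__ == "__main__":
    for host, (status, action) in report().items():
        print(f"{host:10} {status:12} {action}")
```

The `exposed` status is the one to act on: those firewalls are on a build with a hotfix available but no record of it being installed, so either the hotfix was never applied or the inventory is stale, and the SPX workaround above applies until that is resolved.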


The Sophos Firewall password disclosure vulnerability (CVE-2023-5552) exposes the passwords of SPX-encrypted PDFs, and with them whatever sensitive data those PDFs carry. All users of affected versions should confirm that the hotfix has been applied or upgrade to a fixed release, and in the meantime avoid the "Specified by sender" password type in SPX templates. Leaving the flaw unaddressed risks disclosure of confidential documents, so check your firewalls today.
