CVE-2025-6704 CRITICAL

Vendor: Sophos
Product: Sophos Firewall
Weakness: CWE-78
Published: July 21, 2025
Last update: July 21, 2025

CVSS base score

9.8/10
Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: None
Confidentiality: High
Integrity: High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01 Description

An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to pre-auth remote code execution, if a specific configuration of SPX is enabled in combination with the firewall running in High Availability (HA) mode.

Key dates

02 Disclosure timeline

July 21, 2025: CVE published
July 21, 2025: Record updated