CVE-2020-9363

The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction.

Published: Feb 24, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-9363
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-436

Affected Software
References

Software	From	Fixed in
sophos / cloud_optix	-	2020-01-14
sophos / mobile	-	2020-01-14
sophos / intercept_x_endpoint	-	2020-01-14
sophos / intercept_x_for_server	-	2020-01-14
sophos / secure_web_gateway	-	2020-01-14
sophos / endpoint_protection	-	2020-01-14

https://blog.zoller.lu/p/release-mode-coordinated-disclosure-ref.html
https://community.sophos.com/b/security-blog/posts/sophos-comments-to-cve-2020-9363

Vulnerability Database

289,697

CVE-2020-9363