Vulnerability Database

301,027

Total vulnerabilities in the database

CVE-2024-13974

A business logic vulnerability in the Up2Date component of Sophos Firewall older than version 21.0 MR1 (20.0.1) can lead to attackers controlling the firewall’s DNS environment to achieve remote code execution.

Published: Jul 21, 2025
Updated: Jul 22, 2025
CVE: CVE-2024-13974
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

No affected software listed.

https://www.sophos.com/en-us/security-advisories/sophos-sa-20250721-sfos-rce

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo