Cisco IronPort Web / Email Security Appliance Sophos Anti-Virus Multiple Vulnerabilities
Cisco IronPort Email Security Appliances (C-Series and X-Series) running Sophos Engine versions 3.2.07.352_4.80 and prior.
Cisco IronPort Web Security Appliances (S-Series) running Sophos Engine versions 3.2.07.352_4.80 and prior.
Cisco Ironport Appliances Sophos Anti-Virus Vulnerabilities.
Cisco has acknowledged some vulnerabilities in Cisco IronPort Web Security Appliance and Cisco IronPort Email Security Appliance, which can be exploited by malicious people to compromise a vulnerable device.
The vulnerabilities are caused due to a bundled vulnerable version of Sophos Engine.
Successful exploitation of these vulnerabilities may cause the Sophos Anti-Virus engine to crash. A remote, unauthenticated attacker may be able to gain control of the system, escalate privileges, or cause a denial-of-service condition.
No official solution is currently available.