CVE advisoryKnown Exploit
CVE-2020-12271
Sophos Firewall SQL Injection Leads to Remote Code Execution.
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A SQL injection vulnerability in Sophos SFOS affects devices with exposed administrative or user portal services. This flaw may enable attackers to execute remote code, leading to the exfiltration of usernames and hashed passwords for local and remote access accounts. The business risk involves unauthorized access to s