CVE-2022-1040 · CISA KEV · EPSS p100.0%

CVE-2022-1040: Sophos Firewall Authentication Bypass Vulnerability

Sophos / Firewall

Description

An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.

Scoring

EPSS: 99.80% probability of exploitation · percentile 100.0% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2022-03-31

(incoming) 1

Type · Target · Confidence · Tier
KEVEntry · Sophos Firewall Authentication Bypass Vulnerability kev-cve-2022-1040 · 0% · live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: Sophos Firewall Code Injection Vulnerability
CVE: Sophos SG UTM Remote Code Execution Vulnerability
CVE: Sophos SFOS SQL Injection Vulnerability
CVE: Sophos Web Appliance Command Injection Vulnerability
CVE: Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
CVE: CVE-2022-40684

Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.