CVE-2021-25269

A local administrator could prevent the HMPA service from starting despite tamper protection using an unquoted service path vulnerability in the HMPA component of Sophos Intercept X Advanced and Sophos Intercept X Advanced for Server before version 2.0.23, as well as Sophos Exploit Prevention before version 3.8.3.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
SophosCNA
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
VendorProductVersion
sophosexploit_prevention
𝑥
< 3.8.3
sophosintercept_x_endpoint
𝑥
< 2.0.23
sophosintercept_x_for_server
𝑥
< 2.0.23
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.sophos.com/en-us/security-advisories/sophos-sa-20211126-ixa-hmpa-local-dos
https://www.sophos.com/en-us/security-advisories/sophos-sa-20211126-ixa-hmpa-local-dos