Three critical vulnerabilities in the Sophos Intercept X for Windows product family could allow local attackers to achieve arbitrary code execution with system-level privileges. Identified as CVE-2024-13972, CVE-2025-7433, and CVE-2025-7472, the flaws span registry permission misconfigurations, a weakness in the Device Encryption component, and an issue in the Windows installer running under the SYSTEM account. […]
The post Sophos Intercept X for Windows Vulnerabilities Enable Arbitrary Code Execution appeared first on Cyber Security News.
This article has been indexed from Cyber Security News