Vulnerability Details CVE-2021-25269
A local administrator could prevent the HMPA service from starting despite tamper protection using an unquoted service path vulnerability in the HMPA component of Sophos Intercept X Advanced and Sophos Intercept X Advanced for Server before version 2.0.23, as well as Sophos Exploit Prevention before version 3.8.3.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.9%
CVSS Severity
CVSS v3 Score 4.4
CVSS v2 Score 2.1
References
Products affected by CVE-2021-25269
-
cpe:2.3:a:sophos:exploit_prevention:*
-
cpe:2.3:a:sophos:intercept_x_endpoint:-
-
cpe:2.3:a:sophos:intercept_x_for_server:-