Primary

Context

Sophos Intercept X for Windows Local Privilege Escalation Vulnerability in Central Device Encryption

Vulnerability

Patched

A local privilege escalation vulnerability allowing arbitrary code execution exists in Sophos Intercept X for Windows with Central Device Encryption versions prior to 2025.1. This vulnerability was discovered by an external security researcher and has been responsibly disclosed to Sophos.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a local user to execute arbitrary code with elevated rights.

Remediation

Users of Sophos Intercept X for Windows with Central Device Encryption should upgrade to version 2025.1 or later. For those using the default updating policy, no action is required as updates are installed automatically. However, customers on Fixed Term Support (FTS) or Long Term Support (LTS) packages must upgrade to receive these fixes.

Added: Jul 17, 2025, 8:22 PM

Updated: Jul 17, 2025, 9:35 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

7.5

exploitability

3.3

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

7.5

exploitability

3.3

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Sophos Intercept X for Windows Local Privilege Escalation Vulnerability in Central Device Encryption

Vulnerability

Impact

Remediation

Affected Products

Sophos Intercept X

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating