What is CVE-2024-13974?

CVE-2024-13974 is a high-severity vulnerability in Sophos Firewall, classified under CWE-807. CVSS score: 8.1/10. Published 2025-07-21.

How severe is CVE-2024-13974?

High severity. CVSS v3 base score is 8.1 out of 10.

Vulnerability in Sophos Firewall

CVE-2024-13974

A business logic vulnerability in the Up2Date component of Sophos Firewall older than version 21.0 MR1 (20.0.1) can lead to attackers controlling the firewall’s DNS environment to achieve remote code execution.

EPSS: 0.013 (79.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Sophos Firewall — versions 0

Weakness classification (CWE)

CWE-807

References

www.sophos.com/en-us/security-advisories/sophos-sa-20250721-sfos-rce

Frequently asked questions

What is CVE-2024-13974?: CVE-2024-13974 is a high-severity vulnerability in Sophos Firewall, classified under CWE-807. CVSS score: 8.1/10. Published 2025-07-21.
How severe is CVE-2024-13974?: High severity. CVSS v3 base score is 8.1 out of 10.