CVE-2025-6704
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2025-6704. We'll provide specific mitigation strategies based on your environment and risk profile.
CVSS Score
V3.1Attack Vector Metrics
Impact Metrics
Description
An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to pre-auth remote code execution, if a specific configuration of SPX is enabled in combination with the firewall running in High Availability (HA) mode.
Available Exploits
Related News
Sophos addressed five Sophos Firewall vulnerabilities that could allow remote attackers to execute arbitrary code. Sophos has fixed five vulnerabilities (CVE-2025-6704, CVE-2025-7624, CVE-2025-7382, CVE-2024-13974, CVE-2024-13973) in Sophos Firewall that coul…
Affected Products
Affected Versions:
EU Vulnerability Database
Monitored by ENISA for EU cybersecurity
ENISA Analysis
An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to pre-auth remote code execution, if a specific configuration of SPX is enabled in combination with the firewall running in High Availability (HA) mode.
Affected Products (ENISA)
ENISA Scoring
CVSS Score (3.1)
EPSS Score
Data provided by ENISA EU Vulnerability Database. Last updated: July 21, 2025
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References
Advisory provided by GitHub Security Advisory Database. Published: July 21, 2025, Modified: July 21, 2025
Social Media Intelligence
Real-time discussions and threat intelligence from social platforms
August Patch Tuesday updates 𝗧𝗼𝗱𝗮𝘆'𝘀 𝗣𝗮𝘁𝗰𝗵 𝗧𝘂𝗲𝘀𝗱𝗮𝘆 𝗼𝘃𝗲𝗿𝘃𝗶𝗲𝘄: ▪️ Microsoft has addressed 107 vulnerabilities, one zero-day with PoC (CVE-2025-53779), 13 critical ▪️ Third-party: actively exploited vulnerabilities in Google Chrome, Android, Apple, Cisco ISE, and Wing FTP Server, plus major third-party issues affecting Axis Communications, Dell ControlVault3, Nvidia, WordPress, and Sophos …
🔥 Top 10 Trending CVEs (27/07/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-23266](https://nvd.nist.gov/vuln/detail/CVE-2025-23266)** - 📝 NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A …
CVE-2025-6704: Arbitrary File Writing Vulnerability in Secure PDF eXchange (SPX) of Sophos Firewall
Critical RCE Flaws in Sophos and SonicWall Devices Demand Immediate Action **Sophos and SonicWall have issued urgent patches for critical vulnerabilities that could allow remote code execution on their firewall and SMA 100 devices.** **Key Points:** - Sophos Firewall vulnerabilities CVE-2025-6704 and CVE-2025-7624 are rated CVSS 9.8, allowing potential pre-auth …