The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction.
Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B’s state.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cloud_optix | Sophos | * | 2020-01-14 (excluding) |
Endpoint_protection | Sophos | * | 2020-01-14 (excluding) |
Intercept_x_endpoint | Sophos | * | 2020-01-14 (excluding) |
Intercept_x_for_server | Sophos | * | 2020-01-14 (excluding) |
Mobile | Sophos | * | 2020-01-14 (excluding) |
Secure_web_gateway | Sophos | * | 2020-01-14 (excluding) |