vulnerability
Sophos Sophos Intercept X for Windows: CVE-2024-8885: Resolved LPE vulnerability in Sophos Intercept X for Windows
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | Oct 2, 2024 | Mar 26, 2025 | Mar 25, 2026 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
Oct 2, 2024
Added
Mar 26, 2025
Modified
Mar 25, 2026
Description
Sophos has fixed a local privilege escalation vulnerability, allowing arbitrary file writing, in the Device Encryption component of Sophos Intercept X for Windows. There is no action required for customers using the default updating policy, as updates for Recommended packages are installed automatically by default. Customers using Fixed Term Support (FTS) or Long Term Support (LTS) packages are required to upgrade to receive this fix. See below for details. Sophos would like to thank Sina Kheirkhah (@SinSinology) of watchTowr (https://watchtowr.com) for responsibly disclosing the issue to Sophos.
Solution
sophos-sophos-intercept-x-for-windows-upgrade-latest
References
- CWE-1104
- CWE-502
- CVE-2024-8885
- https://attackerkb.com/topics/CVE-2024-8885
- https://www.cve.org/CVERecord?id=CVE-2024-8885
- https://support.sophos.com/support/s/article/KBA-000002911?language=en_US
- https://www.sophos.com/en-us/security-advisories/sophos-sa-20241002-cde-lpe
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-49456
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.