Sophos has released an update to address a critical authentication bypass vulnerability in its Firewall products. The flaw exists in the User Portal and Webadmin of the Sophos Firewall, and could be exploited to allow remote code execution. Sophos Firewall v18.5 MR3 (18.5.3) and older. Ref https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce
