Sophos IPS and Application Signature update release notes

Version 18.22.93

Released on January 27, 2025

Introduction

The Release Note document for IPS and Application signature Database version 18.22.93 includes support for both, the new and the updated Signatures. The following sections describe the release in detail.

Release Information

Upgrade Applicable on: Version 18.22.92

Fixed issues, listed by ID, description, explanation and Workaround.

Appliance Model	Details of Changes			Module	More Details
All Deployments	17 Applications	72 Application Signatures	3 Application categories	Application Filter	Click Here for details of changes
XGS-87, XGS-87(w), XGS-107, XGS-107(w), XGS-116, XGS-116(w), XGS-126, XGS-126(w), XGS-136, XGS-136(w), XGS-2100, XGS-2300, XGS-3100, XGS-3300, XGS-4300, XGS-4500 XG-86, XG-86(w), XG-106, XG-106(w), XG-115, XG-115(w), XG-125, XG-125(w), XG-135, XG-135(w), XG-210, XG-230, XG-310, XG-330, XG-430, XG-450 SG-105, SG-105(w), SG-115, SG-115(w), SG-125, SG-125(w), SG-135, SG-135(w), SG-210, SG-230, SG-310, SG-330, SG-430, SG-450, SG-550, SG-650 Any virtual deployment with RAM < 24GB	19 Signatures	13 Vulnerabilities	4 IPS Categories	IPS Filter	Click Here for details of changes
XG-550, XG-650, XG-750 XGS-5500, XGS-6500 Any virtual deployment with RAM >24GB	21 Signatures	15 Vulnerabilities	6 IPS Categories	IPS Filter	Click Here for details of changes

Application Name	Risk	Category
Intralinks	1	General Business
Officeally	1	General Business
Direct	1	Network Services
Sur-Meas	1	Network Services
InBusiness	1	Network Services
Link	1	Network Services
DSP3270	1	Network Services
Subntbcst-TFTP	1	Network Services
Bhfhs	1	Network Services
ISO-Tsap-c2	1	Network Services
SET	1	Network Services
OpenPort	1	Network Services
NSIIOPs	1	Network Services
Arcisdms	1	Network Services
HDAP	1	Network Services
X-bone-ctl	1	Network Services
TOR Proxy	5	Proxy and Tunnel

Application Name

Risk

Risk Level	Risk Criteria
1	Very Low
2	Low
3	Medium
4	High
5	Very High

Name	CVE-ID	Category	Severity
BROWSER-CHROME Google Chrome Skia CVE-2024-8636 Heap Buffer Overflow Vulnerability	CVE-2024-8636	browser-chrome	1
OS-LINUX Linux Kernel heap-based buffer overflow attempt	CVE-2022-0185	os-linux	1
OS-WINDOWS Microsoft Windows LdapChaseReferral CVE-2024-49113 Out-Of-Bounds Read	CVE-2024-11773	os-windows	1
OS-WINDOWS Microsoft Windows OLE CVE-2025-21298 Remote Code Execution Vulnerability	CVE-2025-21298	os-windows	1
OS-WINDOWS Microsoft Windows Server LDAP CVE-2024-49112, CVE-2024-49113 Denial Of Service Attempt	CVE-2024-49112, CVE-2024-49113	os-windows	1
SERVER-WEBAPP CyberPanel Getresetstatus CVE-2024-51378 Command Injection	CVE-2024-51378	server-webapp	1
SERVER-WEBAPP CyberPanel upgrademysqlstatus command injection attempt	CVE-2024-51567	server-webapp	1
SERVER-WEBAPP Ivanti Endpoint Manager serverAsset updateAssetInfo CVE-2024-32848 SQL Injection	CVE-2024-32848	server-webapp	2
SERVER-WEBAPP Ivanti Endpoint Manager serverMemory loadModuleTable CVE-2024-34779 SQL Injection	CVE-2024-34779	server-webapp	2
SERVER-WEBAPP MasterSAM Gatev11 CVE-2024-55457 Directory Traversal Vulnerability	CVE-2024-55457	server-webapp	1
SERVER-WEBAPP Microsoft SharePoint Workflow AccessServicesListEventReceiver CVE-2024-43464 Insecure Deserialization	CVE-2024-43464	server-webapp	3
SERVER-WEBAPP Reolink multiple devices command injection attempt	CVE-2019-11001	server-webapp	2
SERVER-WEBAPP WordPress Active Products Tables for WooCommerce plugin CVE-2022-1916 Cross Site Scripting Attempt	CVE-2022-1916	server-webapp	3

Name	CVE-ID	Category	Severity
BROWSER-CHROME Google Chrome Skia CVE-2024-8636 Heap Buffer Overflow Vulnerability	CVE-2024-8636	browser-chrome	1
FILE-OFFICE TRUFFLEHUNTER TALOS-2024-2128 attack attempt	CVE-2024-48877	file-office	1
OS-LINUX Linux Kernel heap-based buffer overflow attempt	CVE-2022-0185	os-linux	1
OS-WINDOWS Microsoft Windows LdapChaseReferral CVE-2024-49113 Out-Of-Bounds Read	CVE-2024-11773	os-windows	1
OS-WINDOWS Microsoft Windows OLE CVE-2025-21298 Remote Code Execution Vulnerability	CVE-2025-21298	os-windows	1
OS-WINDOWS Microsoft Windows Server LDAP CVE-2024-49112, CVE-2024-49113 Denial Of Service Attempt	CVE-2024-49112, CVE-2024-49113	os-windows	1
SERVER-OTHER OpenPrinting CUPS Get-Printer-Attributes CVE-2024-47176 Command Injection	CVE-2024-47176	server-other	1
SERVER-WEBAPP CyberPanel Getresetstatus CVE-2024-51378 Command Injection	CVE-2024-51378	server-webapp	1
SERVER-WEBAPP CyberPanel upgrademysqlstatus command injection attempt	CVE-2024-51567	server-webapp	1
SERVER-WEBAPP Ivanti Endpoint Manager serverAsset updateAssetInfo CVE-2024-32848 SQL Injection	CVE-2024-32848	server-webapp	2
SERVER-WEBAPP Ivanti Endpoint Manager serverMemory loadModuleTable CVE-2024-34779 SQL Injection	CVE-2024-34779	server-webapp	2
SERVER-WEBAPP MasterSAM Gatev11 CVE-2024-55457 Directory Traversal Vulnerability	CVE-2024-55457	server-webapp	1
SERVER-WEBAPP Microsoft SharePoint Workflow AccessServicesListEventReceiver CVE-2024-43464 Insecure Deserialization	CVE-2024-43464	server-webapp	3
SERVER-WEBAPP Reolink multiple devices command injection attempt	CVE-2019-11001	server-webapp	2
SERVER-WEBAPP WordPress Active Products Tables for WooCommerce plugin CVE-2022-1916 Cross Site Scripting Attempt	CVE-2022-1916	server-webapp	3

Severity Level	Severity Criteria
1	Critical
2	Major
3	Moderate
4	Minor
5	Warning

Sophos IPS and Application Signature Update

These release notes are for Sophos IPS and Application signature updates.

Version 18.22.93
Released on January 27, 2025

Introduction

Release Information

Upgrade Information

Application Signatures

Terms Explained

IPS Signatures

IPS Signatures

Terms Explained

Important Notice

RESTRICTED RIGHTS

Corporate Headquarters