Critical Authentication-Bypass Vulnerability in Sophos AP6 Series Firmware

A critical authentication-bypass vulnerability (CVE-2025-10159) has been identified in the firmware of Sophos AP6 Series wireless access points. This vulnerability could allow an attacker with network access to the access point’s management IP to gain administrator privileges, posing a significant risk to businesses.

Vulnerability Details

CVE-2025-10159 affects all firmware versions of the Sophos AP6 Series prior to 1.7.2563 (MR7). This flaw enables unauthorised access to the management interface, which can lead to severe security breaches. The vulnerability was disclosed in an advisory published on 9 September 2025, highlighting the urgency for affected users to take action.

Risks/Impact to Businesses

The implications of this vulnerability are serious. If exploited, an attacker could manipulate the access point settings, potentially leading to data breaches, network disruptions, or further infiltration into the corporate network. For businesses relying on the Sophos AP6 Series for wireless connectivity, the risk of compromised network security could result in significant financial loss, reputational damage, and legal ramifications.

Remediation

To mitigate the risks associated with CVE-2025-10159, Sophos has released a patch in firmware version 1.7.2563 (MR7), which became available after 11 August 2025. Customers using the default automatic updates need take no immediate action, as their devices will be updated automatically. Businesses that have disabled automatic updates must upgrade their access points to firmware version 1.7.2563 or later to ensure their networks remain secure. There is no workaround available for this vulnerability.
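One way to check a device inventory against the fixed build, as an added example that is not from Sophos or the original advisory. The CSV layout, hostnames, every version string other than 1.7.2563 (MR7), and the function names are constructed for illustration. Each version field is compared as an integer, so 1.7.256 is not mistaken for 1.7.2563 and a build such as 1.10.x is not ranked below 1.7.x.

```python
import csv
import io
import re

# First fixed firmware named in the advisory text: 1.7.2563 (MR7).
FIXED_VERSION = (1, 7, 2563)

# Three dotted numeric fields at the start; a suffix such as "(MR7)" is ignored.
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)\b")

# Constructed sample inventory; column names are an assumption.
SAMPLE_INVENTORY = """hostname,firmware
ap-lobby,1.7.2563 (MR7)
ap-floor2,1.6.2401
ap-warehouse,1.10.12
ap-lab,unknown
ap-annex,1.7.256
"""


def parse_firmware(text):
    """Return the version as a tuple of ints, or None if it cannot be parsed."""
    match = VERSION_RE.match((text or "").strip())
    return tuple(int(part) for part in match.groups()) if match else None


def classify(text):
    """Return 'patched', 'vulnerable', or 'review' for one firmware string."""
    version = parse_firmware(text)
    if version is None:
        # Never assume an unreadable version is safe; send it for manual review.
        return "review"
    return "patched" if version >= FIXED_VERSION else "vulnerable"


def audit(inventory_csv):
    """Map each hostname in the CSV text to its classification."""
    reader = csv.DictReader(io.StringIO(inventory_csv))
    return {row["hostname"]: classify(row.get("firmware")) for row in reader}


if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host:14} {status}")
```
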

In light of the critical nature of this vulnerability, businesses are urged to assess their Sophos AP6 Series devices and ensure they are running the latest firmware. Staying informed and proactive in addressing security vulnerabilities is essential for maintaining a robust cybersecurity posture. For further assistance or to discuss your network security needs, please reach out to us at Globelink UK. Your security is our priority.