The security flaw, tracked as CVE-2025-10159, was discovered during internal security testing conducted by Sophos and has been addressed in the latest firmware release.
The vulnerability affects Sophos AP6 Series Wireless Access Points running firmware versions before 1.7.2563 (MR7).
Attackers who can reach the access point’s management IP address could exploit this flaw to bypass authentication mechanisms and obtain full administrative control over the affected devices.
This type of vulnerability poses significant risks to network security, as compromised wireless access points can serve as entry points for lateral movement within enterprise networks.
The authentication bypass flaw represents a severe security concern for organizations relying on Sophos wireless infrastructure.
Once an attacker gains administrator privileges, they could potentially modify network configurations, intercept wireless communications, deploy malicious firmware, or use the compromised device as a pivot point for further network penetration.
The vulnerability’s impact is amplified in enterprise environments where wireless access points often bridge critical network segments.
Sophos has implemented automatic remediation for most customers through its default updating policy.
Organizations using the standard automatic update configuration will receive the security patch without manual intervention, as the fix is included in AP6 Series firmware version 1.7.2563 (MR7), which became available after August 11, 2025.
This automatic deployment approach helps ensure rapid protection against potential exploitation attempts.
However, customers who have opted out of automatic updates must manually upgrade their firmware to receive protection against CVE-2025-10159.
These organizations should prioritize the firmware update to prevent potential security breaches.
Network administrators should verify their current firmware versions and implement the available patch immediately if running vulnerable versions.
| CVE ID | Product | Affected Versions | Fixed Version | CVSS Score | Impact |
|---|---|---|---|---|---|
| CVE-2025-10159 | Sophos AP6 Series Wireless Access Points | Prior to 1.7.2563 (MR7) | 1.7.2563 (MR7) | Not Available | Authentication Bypass |
Organizations that have disabled automatic updates face increased risk exposure until they manually apply the security patch.
The lack of available workarounds means that firmware updates represent the only effective mitigation strategy.
IT teams should schedule emergency maintenance windows to deploy the updated firmware across all affected AP6 Series devices.
The vulnerability disclosure follows Sophos’ responsible disclosure practices, with the company identifying the issue through internal security testing before external discovery.
Find this Story Interesting! Follow us on Google News, LinkedIn and X to Get More Instant Updates
The post Sophos Wireless Access Points Vulnerability Allows Authentication Bypass appeared first on Cyber Security News.
Anyone who's been paying attention to PC hardware over the last few months probably isn't…
If you enjoy listening to music while you run, then this headphone deal is right…
Anyone who's been paying attention to PC hardware over the last few months probably isn't…
If you enjoy listening to music while you run, then this headphone deal is right…
The LEGO Pokémon Venusaur, Charizard, and Blastoise, which is available exclusively at the LEGO Store,…
AMC Theatres is once again testing the waters to see if moviegoers are willing to…
This website uses cookies.