Analysis Summary

CVE-2025-7472 CVSS:7.5

A local privilege escalation vulnerability in the Intercept X for Windows installer prior version 1.22 can lead to a local user gaining system level privileges, if the installer is run as SYSTEM.

CVE-2024-13972 CVSS:8.8

A vulnerability related to registry permissions in the Intercept X for Windows updater prior to version 2024.3.2 can lead to a local user gaining SYSTEM level privileges during a product upgrade.

CVE-2025-7433 CVSS:8.8

A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2025.1 and older allows arbitrary code execution.

Impact

• Gain Access
• Code Execution
• Privilege Escalation

Indicators of Compromise

CVE

• CVE-2025-7472

• CVE-2024-13972

• CVE-2025-7433

Affected Vendors

Affected Products

• Sophos Intercept X for Windows Installer 1.22
• Sophos Intercept X for Windows 2024.3.2
• Sophos Intercept X for Windows Central Device Encryption 2025.1

Remediation

Refer to Sophos Security Advisory for patch, upgrade, or suggested workaround information.

Sophos Security Advisory