CyberSec.Space Logo
Back to CVE Browser

CVE-2012-4736

LOW
3.3
CVSS Severity Score
EPSS Score0.1890%
EPSS Percentile9.49th
PublishedAug 29, 2012
Last ModifiedApr 29, 2026

Vulnerability Description

The Device Encryption Client component in Sophos SafeGuard Enterprise 6.0, when a volume-based encryption policy is enabled in conjunction with a user-defined key, does not properly block use of exFAT USB flash drives, which makes it easier for local users to bypass intended access restrictions and copy sensitive information to a drive via multiple removal and reattach operations.

Affected Platforms (CPE)

πŸ“¦
Sophos

Safeguard Enterprise

= 6.0

References & Advisories

πŸ”— http://www.sophos.com/support/knowledgebase/1376/1380/114138.aspx
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/78580
πŸ”— http://www.sophos.com/support/knowledgebase/1376/1380/114138.aspx
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/78580

Related Vulnerabilities

CVE-2018-68517.8

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to L...

CVE-2018-68527.8

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to L...

CVE-2018-68537.8

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to L...

CVE-2018-68547.8

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to L...