Sophos Wireless Access Point Vulnerability Allows Attackers to Bypass Authentication

Sophos has released an important security advisory addressing a critical authentication bypass vulnerability in its AP6 Series Wireless Access Points.

Attackers who can reach the management interface of an affected device may exploit this flaw to gain full administrator privileges.

Sophos discovered this issue through routine internal security testing and released a firmware update to protect customers against potential attacks.

Vulnerability Overview

The identified flaw, tracked as CVE-2025-10159, affects firmware versions of the Sophos AP6 Series Wireless Access Points prior to 1.7.2563 (MR7).

An attacker with network access to the management IP of the access point can bypass authentication checks, effectively granting elevated control of the device.

CVE             Severity  Product(s)       Workaround
CVE-2025-10159  Critical  Sophos Wireless  None

This could allow unauthorized changes to wireless settings, network segmentation rules, or logging configurations, opening the door to further network compromise.

No workaround is available, but an update has been issued. Customers using Sophos’s default automatic update policy will receive the fix without needing to take any action.

Those who have disabled automatic updates must manually apply the new firmware to secure their devices.

Wireless access points serve as critical gateways between user devices and corporate networks. If left unpatched, this authentication bypass vulnerability could enable attackers to:

  • Alter wireless network configurations to intercept or manipulate user traffic
  • Create rogue wireless networks or weaken encryption settings
  • Pivot into internal systems by exploiting trusted device connections

The attack requires the adversary to reach the device’s management IP address. In many deployments, management interfaces are restricted to internal networks or dedicated management VLANs.

However, misconfigured networks or exposed management ports could leave devices vulnerable from both inside and outside the corporate perimeter.

Recommended Actions

Sophos has bundled the fix into firmware version 1.7.2563 (MR7), released on 11 August 2025. To protect your network:

  1. Verify the firmware version on all Sophos AP6 Series Wireless Access Points.
  2. If the version is earlier than 1.7.2563 (MR7), download and install the update immediately.
  3. For environments with automatic updates disabled, enable or schedule the firmware upgrade at the earliest maintenance window.
  4. Confirm successful installation by checking the firmware version in the device’s management dashboard.
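The version check in steps 1 and 2 is easy to get wrong when done as a string comparison. The following is an added example (not Sophos tooling or code from the advisory) that parses the vendor's version format, compares it numerically against the fixed release, and sorts a constructed inventory of hostnames and versions into patched, vulnerable and unknown buckets; the hostnames and non-fixed versions are made up for illustration.

```python
"""Triage a Sophos AP6 inventory against the CVE-2025-10159 fixed firmware."""
import re
from typing import NamedTuple, Optional

FIXED_VERSION = "1.7.2563 (MR7)"  # fixed release named in the advisory

# Accepts "1.7.2563", "1.7.2563 (MR7)" or "1.7.2563 MR7"; the MR tag is
# informational only, the numeric triple decides ordering.
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)(?:\s*\(?MR(\d+)\)?)?\s*$")

class Firmware(NamedTuple):
    major: int
    minor: int
    build: int
    mr: Optional[int]

def parse_version(text: str) -> Firmware:
    """Parse the vendor version string; reject anything unrecognised so a
    malformed inventory entry is never silently treated as patched."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    major, minor, build, mr = m.groups()
    return Firmware(int(major), int(minor), int(build), int(mr) if mr else None)

def is_vulnerable(version: str) -> bool:
    """True when the firmware is earlier than the fixed release. Components
    compare numerically: a plain string compare would rank '1.7.999' above
    '1.7.2563' and miss a vulnerable device."""
    return parse_version(version)[:3] < parse_version(FIXED_VERSION)[:3]

def triage(inventory: list[tuple[str, str]]) -> dict[str, list[str]]:
    """Bucket (hostname, version) pairs as patched, vulnerable or unknown."""
    result: dict[str, list[str]] = {"patched": [], "vulnerable": [], "unknown": []}
    for host, version in inventory:
        try:
            bucket = "vulnerable" if is_vulnerable(version) else "patched"
        except ValueError:
            bucket = "unknown"  # needs a manual check; never assume it is fixed
        result[bucket].append(host)
    return result

if __name__ == "__main__":
    # Constructed sample inventory, not data from any real deployment.
    sample = [("ap6-lobby", "1.7.2563 (MR7)"), ("ap6-floor2", "1.7.2400"),
              ("ap6-warehouse", "1.6.999"), ("ap6-lab", "n/a")]
    for bucket, hosts in triage(sample).items():
        print(f"{bucket:10s} {', '.join(hosts) or '-'}")
```

Feed it the version strings exported from your management dashboard; anything landing in the unknown bucket should be inspected by hand rather than assumed fixed.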

No customer action is required if you rely on Sophos’s default update policy, which installs new firmware automatically. All other users should prioritize this update to avoid potential breaches.
