Sophos Fixes Critical Authentication Bypass (CVE-2025-10159) in AP6 Series Wireless Access Points



Ddos




September 10, 2025


Sophos has released a fix for a critical authentication bypass vulnerability (CVE-2025-10159) affecting its AP6 Series Wireless Access Points. The flaw, rated CVSS 9.8, could allow attackers with network access to the device’s management interface to gain full administrative control.

Sophos describes the issue as an “Authentication Bypass Vulnerability in Sophos AP6 Series Wireless Access Points Firmware.” The advisory explains that the issue was discovered during internal security testing, not through active exploitation: “Sophos has fixed an authentication bypass vulnerability in Sophos AP6 Series Wireless Access Points allowing attackers able to reach the access point’s management IP address to gain administrator level privileges.”

The vulnerability impacts all Sophos AP6 Series Wireless Access Points firmware prior to version 1.7.2563 (MR7). Devices running older firmware remain vulnerable until patched.

Sophos confirmed that the issue has been patched in AP6 Series firmware version 1.7.2563 (MR7) released after August 11, 2025. For most users, no action is needed, as “updates are installed automatically by default.”

However, organizations that have opted out of automatic updates must manually upgrade their devices to the latest version. Sophos stresses: “Users of older versions of Sophos AP6 Series Wireless Access Points firmware are required to upgrade to receive the latest protections, and this fix.”
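For sites that have opted out of automatic updates, an inventory check along the following lines identifies which access points still need the manual upgrade. This is an added example, not Sophos tooling or code from the advisory: the CSV column names and the sample rows are constructed assumptions, and only the fixed version 1.7.2563 (MR7) comes from the advisory.

```python
import csv
import io
import re

# First fixed AP6 firmware per the advisory: 1.7.2563 (MR7).
FIXED = (1, 7, 2563)

# Constructed sample inventory. The column names are assumptions,
# not a Sophos export format.
SAMPLE_INVENTORY = """hostname,model,firmware
ap-lobby,AP6 420,1.7.2563 (MR7)
ap-lab,AP6 840,1.7.999
ap-dock,AP6 420E,v1.6.2410
ap-roof,AP6 840E,unknown
ap-old,APX 320,2.3.6
ap-new,AP6 420,1.8.100
"""


def parse_version(text):
    """Return (major, minor, build) as ints, or None if no dotted triple is present."""
    match = re.search(r"(\d+)\.(\d+)\.(\d+)", text or "")
    return tuple(int(part) for part in match.groups()) if match else None


def classify(model, firmware):
    """Classify one device against the fixed firmware version."""
    if not model.strip().upper().startswith("AP6"):
        return "out-of-scope"      # advisory covers the AP6 Series only
    version = parse_version(firmware)
    if version is None:
        return "review"            # unreadable version: check the device by hand
    # Compare numerically: as strings, "1.7.999" would sort above "1.7.2563".
    return "patched" if version >= FIXED else "vulnerable"


def audit(csv_text):
    """Map each hostname in the inventory to its classification."""
    reader = csv.DictReader(io.StringIO(csv_text))
    return {row["hostname"]: classify(row["model"], row["firmware"]) for row in reader}


if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host:10} {status}")
```

Devices reported as `review` have a firmware string the check could not parse and should be treated as unpatched until confirmed.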

Wireless access points are critical entry points into enterprise and campus networks. A flaw that allows attackers to bypass authentication and gain administrative privileges could lead to network-wide compromise, rogue configurations, and surveillance of sensitive traffic.

While Sophos has indicated that no exploitation has been observed in the wild, the high CVSS score of 9.8 reflects the seriousness of the vulnerability and the potential damage if left unpatched.
