Sophos Releases Update to Patch Zero-day Vulnerability

Sophos, XG Firewall, SQL, zero-day vulnerability, User Portal, WAN zone, hackers, cyber criminals
Sophos Releases Update to Patch Zero-day Vulnerability

Sophos released an emergency security update on Saturday, to patch a zero-day vulnerability in its XG enterprise firewall, after being reportedly exploited by hackers. The cybersecurity firm received a report from one of its customers saying there is a suspicious field value visible in the management interface.

Also Read: Enterprise Contact Centers are being targeted with COVID-19 Scams

Cybercriminals targeted Sophos XG Firewall devices that had the User Portal control panel exposed to the WAN zone. The firm said hackers used the SQL injection vulnerability to download a payload on the device, which then stole files from the XG Firewall.


Also, Read: Hackers Trade Data of 267 Million Facebook Users for over $500

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.