Sophos Update

Classification
These posts contain security alerts, including digital loopholes, electronic attacks, and technical updates, and they are classified based on the level of severity.

Critical

High

Medium

Low

Warning Date: 28 April, 2020

Severity Level: ● Critical

Warning Number: 2020-1182

Target Sector: All

Description:

Sophos has released a security update to address a vulnerability in the following product:

  • All versions of XG Firewall/SFOS (both physical and virtual firewalls).

Threats:

A remote attacker could exploit this vulnerability by executing arbitrary SQL queries in the database.

Best practice and Recommendations:

The CERT team encourages users to update the firewall to the hotfix SFOS 17.0, 17.1, 17.5, 18.0. After the hotfix is applied:

  1. Reset device administrator accounts.
  2. Reboot the XG device(s).
  3. Reset passwords for all local user accounts.

Saudi CERT also recommends enabling the automatic installation of hotfixes:

  1. Navigate to Backup & firmware
  2. Firmware
  3. Hotfix
  4. Enable Allow automatic installation of hotfixes

For more details:

Last updated at 28 April, 2020
