Sophos Firewall

Discussions SQL injection vulnerability and malicious code execution in XG Firewall/SFM

Sophos Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 2 replies
Subscribers 27 subscribers
Views 1319 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SQL injection vulnerability and malicious code execution in XG Firewall/SFM

Sophos User837 over 5 years ago

I suppose that the SFM too could suffer from this vulnerability. Is it? Or the SFM appliance is not impacted?

This thread was automatically locked due to age.

0 FloSupport over 5 years ago

Hi Sophos User837

SFM is not impacted. Sophos commenced an investigation and the incident was determined to be an attack against physical and virtual XG Firewall units.

More information here: https://community.sophos.com/kb/en-us/135412

Regards,
Cancel
Vote Up 0 Vote Down

Cancel
0 FloSupport over 5 years ago in reply to FloSupport

After analyzing the components and intent of the attack, Sophos published a SophosLabs Uncut article, “Asnarok” Trojan targets firewalls, to share its current understanding of the malware.
Cancel
Vote Up 0 Vote Down

Cancel