Expert Reaction On Hackers Exploit Zero-day In Sophos XG Firewall, Fix Released

It has been reported that Sophos has fixed a zero-day SQL injection vulnerability in their XG Firewall after receiving reports that hackers actively exploited it in attacks.

Rody Quinlan, Security Response Manager, Tenable
April 28, 2020
Attackers could reuse the credentials collected in a successful attack.
The SQL injection zero-day (CVE-2020-12271) affects the XG Firewall/Sophos Firewall Operating System (SFOS) and could allow attackers to exfiltrate “XG Firewall-resident data,” including usernames, hashed passwords, and local user account credentials, depending on the configuration. The vulnerability targets the XG Firewall’s administration interface, which is accessible via the user portal, a ....
