← back
CVE-2020-15069

CVE-2020-15069

CVSS 9.8 CRITICALEPSS 10.7%● KEVCWE-120
In short

The Sophos XG Firewall has a buffer overflow vulnerability in its web-based bookmarks feature that allows attackers to run malicious code remotely without authentication. This is a critical flaw because it can give attackers complete control over the firewall.

Technical detail

A buffer overflow exists in the HTTP/S Bookmarks functionality of Sophos XG Firewall v17.x through v17.5 MR12, exploitable remotely without authentication. The vulnerability allows arbitrary code execution with firewall privileges. Mitigation requires applying hotfix HF062020.1 or upgrading to patched versions.

Summary generated and translated by AI from the official description.
Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientless access. Hotfix HF062020.1 was published for all firewalls running v17.x.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://community.sophos.com/b/security-blog/posts/advisory-buffer-overflow-vulnerability-in-user-portalhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-15069