CVE-2020-15069

critical-risk
Published 2020-06-29

Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientless access. Hotfix HF062020.1 was published for all firewalls running v17.x.

Do I need to act?

82.6% chance of exploitation in next 30 days
EPSS score — higher than 17% of all CVEs
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (13)

Xg Firewall Firmware

Affected Vendors

Sophos

Risk score 76/100 · critical-risk
Severity 32/34 · Critical
Exploitability 27/34 · High
Exposure 17/34 · Moderate