A serious vulnerability in Sophos XG Firewall has been exploited in the wild. Specifically, hackers abused the bug to steal data from targeted devices.
Reportedly, Sophos has disclosed an SQL injection vulnerability in its XG Firewall that hackers were actively exploiting.
Describing the details in an advisory, Sophos stated that it recently noticed an attack on XG devices, which prompted an investigation. As explained in the advisory,
The investigation eventually uncovered a previously unknown SQL injection vulnerability in XG Firewall. The hackers abused this flaw to target the devices with malicious payloads designed to steal data.
After noticing the incident, Sophos worked to develop and release a hotfix for all XG Firewall/SFOS versions.
The hotfix was rolled out to both compromised and non-compromised systems, so all XG Firewall users will receive the patch. Users will also learn about any compromise of their device through a popup notification shown after the hotfix is applied.