PT-2020-14161 · Sophos · Sophos Firewall

Published 2020-06-29 · Updated 2025-02-08 · CVE-2020-15069

CVSS v3.1: 9.8 Critical (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Name of the Vulnerable Software and Affected Versions

Sophos XG Firewall versions 17.x through v17.5 MR12

Description

The issue is related to a buffer overflow flaw in the HTTP/S Bookmarks feature for clientless access, allowing remote code execution. A hotfix, HF062020.1, has been published for all firewalls running v17.x. This flaw could allow unauthorized access via the user portal on WAN.

Recommendations

For Sophos XG Firewall versions 17.x through v17.5 MR12, apply the hotfix HF062020.1 to resolve the issue. As a temporary workaround, consider disabling the HTTP/S Bookmarks feature for clientless access until the hotfix is applied.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2020-15069

Affected Products

Sophos Firewall