Malware Delivered to Sophos Firewalls via Zero-Day Vulnerability
2020-04-27 03:39

Cybersecurity company Sophos informed customers over the weekend that it has patched a zero-day vulnerability that has been exploited to deliver malware to its XG Firewall appliances.

An investigation revealed that attackers have been exploiting a previously unknown SQL injection vulnerability to hack exposed physical and virtual firewalls.

Sophos started taking measures shortly after the attack began, and on April 25 it rolled out an SFOS hotfix that patches the SQL injection vulnerability.

In a blog post published late on Sunday, Sophos revealed that the attacker exploited the SQL injection vulnerability to insert a one-line command into the firewall database.

Sophos has dubbed the malware involved in the attack Asnarok and attributed the operation to an "Unknown adversary."


News URL

http://feedproxy.google.com/~r/Securityweek/~3/vjg0HE7BBzM/malware-delivered-sophos-firewalls-zero-day-vulnerability

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Sophos 70 11 79 43 22 155