Security News > 2020 > April > Malware Delivered to Sophos Firewalls via Zero-Day Vulnerability
Cybersecurity company Sophos informed customers over the weekend that it has patched a zero-day vulnerability that has been exploited to deliver malware to its XG Firewall appliances.
An investigation revealed that attackers have been exploiting a previously unknown SQL injection vulnerability to hack exposed physical and virtual firewalls.
Sophos started taking measures shortly after the attack started and it rolled out a SFOS hotfix that patches the SQL injection vulnerability on April 25.
In a blog post published late on Sunday, Sophos revealed that the attacker exploited the SQL injection vulnerability to insert a one-line command into the firewall database.
Sophos has dubbed the malware involved in the attack Asnarok and attributed the operation to an "Unknown adversary."
News URL
Related news
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware (source)
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) (source)
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks (source)