Sophos states that they received a report on April 22nd that there was a suspicious field value being displayed in a customer’s Sophos XG Firewall management interface cover iphone 5 pineapple and began an investigation.

“Sophos received a report on cover samsung j3 cover iphone 5s simpatiche 2017 brillantini April 22, cover samsung vasco rossi 2020, at 20:29 UTC regarding an XG Firewall with a suspicious field value visible in the management interface. Sophos commenced cover samsung a8 2018 flip an cover iphone 8 360 gradi investigation and the incident was determined to be an attack against physical and virtual cover samsung galaxy 3 note neo XG Firewall units. The attack affected systems configured with either the administration (HTTPS service) or the User Portal exposed flip cover samsung note 3 on the WAN zone,” Sophos warned. For those who have this setting disabled, you can follow these instructions to install the hotfix.

“This hotfix eliminated the SQL injection vulnerability which prevented further exploitation, stopped the XG Firewall from accessing any attacker infrastructure, and cleaned up any remnants from the cover samsung j3 2016 con scritte attack,” explain in their security bulletin.

Sophos states that they completed the rollout of cover samsung a5 2017 frasi the hotfix to all XG Firewall units who have auto update enabled at 2020 cover samsung s3 neon 04 25 22:00.

How to tell if your Sophos XG Firewall was compromised

To help customers determine if their XG Firewall has been compromised, the hotfix will display an alert on the XG management interface stating whether your device was compromised or not.

Devices that were not compromised, the cover iphone 4s nightmare before christmas hotfix will display an alert stating “Hotfix applied for SQL Injection. Your device was NOT compromised.”

Alert showed when Sophos XG Firewall cover samsung a5 teschio was not compromised

Firewalls that have been cover samsung s8 in fibra di carbonio compromised by the vulnerability, the management marvel cover samsung interface will display a message warning “Hotfix applied for cover samsung galaxy a5 2017 basket SQL injection and partially cleaned.”

Alert ebay cover iphone 7 silicone showed when Sophos XG Firewall was compromised

For devices that were compromised, Sophos cover samsung a5 2017 doppia also recommends that you perform the following additional steps to make sure the firewall is secured.

Reset portal administrator and device administrator accounts

Reboot the XG device(s)

Reset passwords for all local user accounts

Although the passwords were hashed, it is recommended that aicek cover samsung a50 passwords are reset for cover iphone 6 naruto any accounts where the XG credentials might have been reused

Sophos also warns that even after applying the hotfix and performing remediation steps, this alert will continue to be shown in the management interface…