Sophos discovered a vulnerability in XG Firewall v17.x affecting physical and virtual units configured with the user portal exposed on the WAN. It was a previously unknown buffer overflow in the user portal HTTP/S bookmark feature.
Sophos quickly responded and remediated with a hotfix that removes the HTTP/S bookmark functionality for all XG Firewalls running SFOS v17.x. XG Firewall v18 was not impacted.
Sophos XG Firewall v17.5 MR12 and earlier
You will receive an email from Sophos if any action is required.
Sophos strongly recommends following industry best practices and the additional steps below to fully remediate the issue:
Jakob P: Even after re-enabling it, which we've done on 2 XGs, it's automatically disabling itself sometime later. We're constantly having to re-enable it.