Advisory: Support Portal Maintenance. Login is currently unavailable, more info available here.
CVE-2019-15846 outlines a vulnerability in Exim whereby a specially crafted SNI ending can be utilized to run arbitrary code on the vulnerable server
This vulnerability is not exploitable on any Sophos products, see the table below for more information.
* Despite this vulnerability not being exploitable due to the current architecture of the Sophos XG and Sophos UTM products, we do still plan on releasing a patch for Exim on these platforms in an upcoming Maintenance Release.