Overview

On May 12, 2021, the researcher Mathy Vanhoef released a security advisory disclosing multiple medium-severity CVEs for the 802.11 Wireless Network Specification, which is applicable to a wide variety of WiFi products. These vulnerabilities can be triggered by an adjacent attacker. If exploited, these vulnerabilities may lead to information disclosure under certain conditions, as well as unauthorized participation in a vulnerable network.

Sophos customers using any of the products mentioned below are impacted. If you are not using these products, you are not impacted.

Applies to the following Sophos product(s) and version(s)

  • Sophos Firewall (XG and XGS) products with both integrated and add-on WiFi modules
  • Sophos UTM (SG) products with both integrated and add-on WiFi modules
  • APX 120, APX 320/X, APX 530, APX 740 access points (all management platforms)
  • AP 100/C/X, AP 55/C, AP 15/C access points (all management platforms)
  • RED and SD-RED with both integrated and add-on WiFi modules

Remediation

Sophos is working on porting available patches to the impacted firmware versions for all of the products above.

Targeted Update Timelines

| Product | Release | Release date |
|---|---|---|
| XGS LocalWiFi/optional WiFi - 18.5 MR1 | SFOS 18.5 MR1 | 2021 November |
| XG(S) managed APX (APX120, APX320, APX530, APX740); Firmware: WiFi FW 11.0.016 | SFOS 17.5 MR12 and later; SFOS 18.0 GA and later; SFOS 18.5 GA and later | 2021 July |
| XG LocalWiFi/optional WiFi - 18MR6 | SFOS 18.0 MR6 (MR5 + frag fixes) | 2021 September |
| XG LocalWiFi/optional WiFi - 17.5MR17 | SFOS 17.5 MR17 (MR16 + frag fixes) | 2021 December |
| XG(S)/SG managed RED and SD-RED WiFi | RED 3.0.007; SFOS 18 MR3 and later; SFOS 17.5 MR12 and later; UTM 9.7 MR8 (9.708) | 2021 October |
| XG(S)/SG managed AP (AP100/C/X, AP55/C, AP15/C); Firmware: WiFi FW 11.0.017 | SFOS 18 MR3 and later; SFOS 17.5 MR12 and later | 2021 December |
| SG LocalWiFi/optional WiFi (Including AP, APX & RED) | UTM 9.7 MR9 (9.709) | 2022 January |
| Central managed APX (APX120, APX320/X, APX530, APX740) | Cwifi v2.3.3 | 2021 August |
| Central managed AP (AP100/C/X, AP55/C, AP15/C) | Cwifi v2.3.3 | 2021 August |

Sophos will update this page with the latest information as it becomes available.

Related Information