3CX DLL-Sideloading attack: What you need to know
On May 12, 2021, the researcher Mathy Vanhoef released a security advisory disclosing multiple medium severity CVEs for the 802.11 Wireless Network Specification, which is applicable to a wide variety of WiFi products. These vulnerabilities can be triggered by an adjacent attacker. If exploited, these vulnerabilities may lead to information disclosure under certain conditions, as well as unauthorized participation in a vulnerable network.
Sophos customers using any of the products mentioned below are impacted. If you are not using these products, you are not impacted.
Sophos is working on porting available patches to the impacted firmware versions for all of the products above.
Product
Release
XGS LocalWiFi/optional WiFi - 18.5 MR1
SFOS 18.5 MR1
XG(S) managed APX(APX120, APX320, APX530, APX740)Firmware: WiFi FW 11.0.016
SFOS 17.5 MR12 and laterSFOS 18.0 GA and laterSFOS 18.5 GA and later
2021 July
XG LocalWiFi/optional WiFi - 18MR6
SFOS 18.0 MR6 (MR5 + frag fixes)
XG LocalWiFi/optional WiFi - 17.5MR17
SFOS 17.5 MR17 (MR16 + frag fixes)
XG(S)/SG managed RED and SD-RED WiFi
RED 3.0.007
SFOS 18 MR3 and laterSFOS 17.5 MR12 and laterUTM 9.7 MR8 (9.708)
XG(S)/SG managed AP(AP100/C/X, AP55/C, AP15/C)
Firmware: WiFi FW 11.0.017
SFOS 18 MR3 and laterSFOS 17.5 MR12 and later
SG LocalWiFi/optional WiFi
(Including AP, APX & RED)
UTM 9.7 MR9 (9.709)
Central managed APX(APX120, APX320/X, APX530, APX740)
Cwifi v2.3.3
Central managed AP(AP100/C/X, AP55/C, AP15/C)
Sophos will update this page with the latest information as it becomes available.