CVE-2020-15069 — Sophos XG Firewall Buffer Overflow Vulnerability
2025-02-06 • CISA Known Exploited Vulnerability
[event] Sophos XG Firewall contains a buffer overflow vulnerability that allows for remote code execution via the "HTTP/S bookmark" feature.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Sophos |
| Product | XG Firewall |
| CWE | CWE-120 |
| CVE ID | CVE-2020-15069 |
| Date Added | 2025-02-06 |
| Due Date | 2025-02-27 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Due Date: 2025-02-27