Sophos XG 550
XG-series-appliance-XG-550
Appliance
· XG Series
Known Exploited Vulnerabilities
This device is past Sophos's security-support date. 3 CVEs in CISA's Known Exploited Vulnerabilities catalog apply to the platform it runs. Sophos is not issuing patches for this model. Isolate, compensate, or refresh.
| CVE | KEV added | Vulnerability | Flags |
|---|---|---|---|
CVE-2020-15069
|
Sophos XG Firewall Buffer Overflow Vulnerability | ||
CVE-2022-3236
|
Sophos Firewall Code Injection Vulnerability | ||
CVE-2022-1040
|
Sophos Firewall Authentication Bypass Vulnerability |
Source: CISA Known Exploited Vulnerabilities catalog. The Ransomware flag reflects CISA's own knownRansomwareCampaignUse field, set when the CVE has been observed in ransomware campaigns per their threat intel. It's not a property of the vulnerability description itself.
Correlation is at the platform level, not per-OS-version. Not exhaustive: KEV only lists actively-exploited CVEs and many relevant unexploited vulnerabilities are not here. Verify against vendor security advisories (PSIRT, JSA, PAN-SA) and NVD before acting. See compensating controls if refresh isn't immediate.
Sophos XG 550 Lifecycle Overview
The Sophos Sophos XG 550 (XG-series-appliance-XG-550) is a appliance product in the Sophos XG series. This product has reached end of life as of , meaning Sophos no longer provides technical support, software updates, or hardware replacement for this product. Organizations still running the Sophos XG 550 should plan a migration .
Lifecycle Milestones
| Last order date | 2y 1mo ago | |
|---|---|---|
| Last date of support | 1y 1mo ago |