Sophos XG 85
XG-series-appliance-XG-85
Appliance
· XG Series
Known Exploited Vulnerabilities
This device is past Sophos's security-support date. 3 CVEs in CISA's Known Exploited Vulnerabilities catalog apply to the platform it runs. Sophos is not issuing patches for this model. Isolate, compensate, or refresh.
| CVE | KEV added | Vulnerability | Flags |
|---|---|---|---|
CVE-2020-15069
|
Sophos XG Firewall Buffer Overflow Vulnerability | ||
CVE-2022-3236
|
Sophos Firewall Code Injection Vulnerability | ||
CVE-2022-1040
|
Sophos Firewall Authentication Bypass Vulnerability |
Source: CISA Known Exploited Vulnerabilities catalog. The Ransomware flag reflects CISA's own knownRansomwareCampaignUse field, set when the CVE has been observed in ransomware campaigns per their threat intel. It's not a property of the vulnerability description itself.
Correlation is at the platform level, not per-OS-version. Not exhaustive: KEV only lists actively-exploited CVEs and many relevant unexploited vulnerabilities are not here. Verify against vendor security advisories (PSIRT, JSA, PAN-SA) and NVD before acting. See compensating controls if refresh isn't immediate.
Sophos XG 85 Lifecycle Overview
The Sophos Sophos XG 85 (XG-series-appliance-XG-85) is a appliance product in the Sophos XG series. This product has reached end of life as of , meaning Sophos no longer provides technical support, software updates, or hardware replacement for this product. It was last available for purchase on . Organizations still running the Sophos XG 85 should plan a migration .
Lifecycle Milestones
| End of sale | 6y 8mo ago | |
|---|---|---|
| Last order date | 4y 8mo ago | |
| Last date of support | 3y 8mo ago |