Post-EoL Security Exposure
Devices past their security-support date that are named in CISA's Known Exploited Vulnerabilities catalog.
This is not a CVE search tool. Every entry below is a specific device in our catalog that (1) is past the vendor's end-of-vulnerability-security-support or last-date-of-support date and (2) runs a platform listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. The vendor is not patching these devices. The vulnerabilities are being exploited in the wild.
Correlation is at the platform level (Junos OS, PAN-OS, BIG-IP, SonicOS, Firebox, etc.). A specific CVE may affect only certain OS versions; the device may or may not have received the patch before the vendor cut off support. Assume exposure unless you've confirmed otherwise.
By vendor
Counts reflect post-EoL models running on an affected platform. A specific firmware version may not be vulnerable — verify with the vendor's PSIRT advisory.
| Vendor | Models on platform | Distinct CVEs | Ransomware-linked |
|---|---|---|---|
| Juniper | 859 | 7 | 0 |
| SonicWall | 54 | 3 | 2 |
| F5 Networks | 33 | 5 | 3 |
| Sophos | 23 | 3 | 0 |
| Palo Alto | 16 | 10 | 5 |
Flagged models
23 flagged devices (sophos).
| Newest CVE added | Device | Vendor | CVEs | Ransom |
|---|---|---|---|---|
| Sophos XG 105 | Sophos | 3 | ||
| Sophos XG 105w | Sophos | 3 | ||
| Sophos XG 106 | Sophos | 3 | ||
| Sophos XG 106w | Sophos | 3 | ||
| Sophos XG 115 | Sophos | 3 | ||
| Sophos XG 115w | Sophos | 3 | ||
| Sophos XG 125 | Sophos | 3 | ||
| Sophos XG 125w | Sophos | 3 | ||
| Sophos XG 135 | Sophos | 3 | ||
| Sophos XG 135w | Sophos | 3 | ||
| Sophos XG 210 | Sophos | 3 | ||
| Sophos XG 230 | Sophos | 3 | ||
| Sophos XG 310 | Sophos | 3 | ||
| Sophos XG 330 | Sophos | 3 | ||
| Sophos XG 430 | Sophos | 3 | ||
| Sophos XG 450 | Sophos | 3 | ||
| Sophos XG 550 | Sophos | 3 | ||
| Sophos XG 650 | Sophos | 3 | ||
| Sophos XG 750 | Sophos | 3 | ||
| Sophos XG 85 | Sophos | 3 | ||
| Sophos XG 85w | Sophos | 3 | ||
| Sophos XG 86 | Sophos | 3 | ||
| Sophos XG 86w | Sophos | 3 |
Operators running any device in this list should treat it as a compensating-control scenario under NIST SA-22 and the equivalent PCI-DSS, HIPAA, and cyber-insurance guidance. See the Compliance and Insurance page for clause-level context and control options.
Source: CISA Known Exploited Vulnerabilities catalog. Snapshot refreshed weekly.