Home/Resources/Security Exposure

Post-EoL Security Exposure

Devices past their security-support date that are named in CISA's Known Exploited Vulnerabilities catalog.

This is not a CVE search tool. Every entry below is a specific device in our catalog that (1) is past the vendor's end-of-vulnerability-security-support or last-date-of-support date and (2) runs a platform listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. The vendor is not patching these devices. The vulnerabilities are being exploited in the wild.

Correlation is at the platform level (Junos OS, PAN-OS, BIG-IP, SonicOS, Firebox, etc.). A specific CVE may affect only certain OS versions; the device may or may not have received the patch before the vendor cut off support. Assume exposure unless you've confirmed otherwise.

92
models on affected platforms
179
distinct CVEs
1647
KEV entries tracked

By vendor

Counts reflect post-EoL models running on an affected platform. A specific firmware version may not be vulnerable — verify with the vendor's PSIRT advisory.

Vendor Models on platform Distinct CVEs Ransomware-linked
Juniper 965 7 0
Cisco 815 60 3
Fortinet 514 24 12
Arista 201 1 0
QNAP 124 10 9
WatchGuard 92 4 0
SonicWall 84 16 9
Check Point 72 2 2
Sophos 39 3 0
NETGEAR 36 2 0
F5 Networks 33 7 4
Palo Alto 16 12 5
D-Link 13 14 1
Zyxel 12 1 0
Citrix 4 16 4

Flagged models

Clear filters

92 flagged devices (watchguard).

Newest CVE added Device Vendor CVEs Ransom
Firebox II WatchGuard 4
Firebox II+ WatchGuard 4
Firebox II+ Fast VPN WatchGuard 4
Firebox M200 WatchGuard 4
Firebox M300 WatchGuard 4
Firebox M400 WatchGuard 4
Firebox M440 WatchGuard 4
Firebox M500 WatchGuard 4
Firebox S6 WatchGuard 4
Firebox SOHO 6 This end-of-life schedule also applies to legacy SOHO models. WatchGuard 4
Firebox SOHO 6 Wireless WatchGuard 4
Firebox SSL Core VPN Gateway WatchGuard 4
Firebox T10 WatchGuard 4
Firebox T10-D WatchGuard 4
Firebox T10-W WatchGuard 4
Firebox T30 WatchGuard 4
Firebox T30-W WatchGuard 4
Firebox T35 WatchGuard 4
Firebox T35-W WatchGuard 4
Firebox T50 WatchGuard 4
Firebox T50-W WatchGuard 4
Firebox T55 WatchGuard 4
Firebox T55-W WatchGuard 4
Firebox T70 WatchGuard 4
Firebox Vclass Non-V200 models Japan Only WatchGuard 4
Firebox Vclass Non-V200 models Outside Japan WatchGuard 4
Firebox Vclass V200 WatchGuard 4
Firebox X Core X1000 WatchGuard 4
Firebox X Core X1250e WatchGuard 4
Firebox X Core X2500 WatchGuard 4
Firebox X Core X500 WatchGuard 4
Firebox X Core X550e WatchGuard 4
Firebox X Core X700 WatchGuard 4
Firebox X Core X750e WatchGuard 4
Firebox X Edge X10e WatchGuard 4
Firebox X Edge X10e-W WatchGuard 4
Firebox X Edge X15 WatchGuard 4
Firebox X Edge X15W WatchGuard 4
Firebox X Edge X20e WatchGuard 4
Firebox X Edge X20e-W WatchGuard 4
Firebox X Edge X5 WatchGuard 4
Firebox X Edge X50 WatchGuard 4
Firebox X Edge X50W WatchGuard 4
Firebox X Edge X55e WatchGuard 4
Firebox X Edge X55e-W WatchGuard 4
Firebox X Edge X5W WatchGuard 4
Firebox X Peak X5000 WatchGuard 4
Firebox X Peak X5500e WatchGuard 4
Firebox X Peak X6000 WatchGuard 4
Firebox X Peak X6500e WatchGuard 4
Firebox X Peak X8000 WatchGuard 4
Firebox X Peak X8500e WatchGuard 4
Firebox X Peak X8500e-F WatchGuard 4
XTM 1050 WatchGuard 4
XTM 1520 WatchGuard 4
XTM 1520-RP WatchGuard 4
XTM 1525-RP WatchGuard 4
XTM 2050 WatchGuard 4
XTM 21 WatchGuard 4
XTM 21-W WatchGuard 4
XTM 22 WatchGuard 4
XTM 22-W WatchGuard 4
XTM 23 WatchGuard 4
XTM 23-W WatchGuard 4
XTM 25 WatchGuard 4
XTM 25-W WatchGuard 4
XTM 2520 WatchGuard 4
XTM 26 WatchGuard 4
XTM 26-W WatchGuard 4
XTM 33 WatchGuard 4
XTM 33-W WatchGuard 4
XTM 330 WatchGuard 4
XTM 505 WatchGuard 4
XTM 510 WatchGuard 4
XTM 515 WatchGuard 4
XTM 520 WatchGuard 4
XTM 525 WatchGuard 4
XTM 530 WatchGuard 4
XTM 535 WatchGuard 4
XTM 545 WatchGuard 4
XTM 810 WatchGuard 4
XTM 820 WatchGuard 4
XTM 830 WatchGuard 4
XTM 830-F WatchGuard 4
XTM 850 WatchGuard 4
XTM 860 WatchGuard 4
XTM 870 WatchGuard 4
XTM 870-F WatchGuard 4
XTMv-Datacenter WatchGuard 4
XTMv-Large WatchGuard 4
XTMv-Medium WatchGuard 4
XTMv-Small WatchGuard 4

Operators running any device in this list should treat it as a compensating-control scenario under NIST SA-22 and the equivalent PCI-DSS, HIPAA, and cyber-insurance guidance. See the Compliance and Insurance page for clause-level context and control options.

Source: CISA Known Exploited Vulnerabilities catalog. Snapshot refreshed weekly.

↑ Top