Sophos has released a security advisory addressing five vulnerabilities in Sophos Firewall, two of which are critical and could enable remote attackers to take control of affected devices in specific situations. The company confirms that fixes have been automatically deployed through hotfixes, assuming the auto-installation setting is default.

Remediation and Recommendations
Sophos released hotfixes for supported versions, advising upgrades to at least version 21.0 MR1. Customers on older versions must upgrade manually to get the patches. There have been no active exploits of these vulnerabilities yet.
InfoSecBulletin Cybersecurity for mankind
