Palo Alto Networks Patches Serious DoS, Code Execution Flaws in PAN-OS

Palo Alto Networks this week announced that it has patched critical and high-severity denial-of-service (DoS) and arbitrary code execution vulnerabilities in its PAN-OS firewall software.

The most serious of the flaws, based on its CVSS score of 9.8, is CVE-2020-2040, a buffer overflow that can be exploited by a remote, unauthenticated attacker to disrupt system processes and possibly to execute arbitrary code with root permissions by sending specially crafted requests to the Multi-Factor Authentication (MFA) interface or the Captive Portal.

Another potentially serious vulnerability, classified as high severity and tracked as CVE-2020-2041, allows a remote, unauthenticated attacker to get all PAN-OS services to enter a DoS condition by causing the device to restart and enter maintenance mode.

A vulnerability that can be exploited to disrupt system processes and possibly to execute arbitrary code with root privileges has also been rated high severity, but exploitation requires authentication to the PAN-OS management interface.

The aforementioned vulnerabilities were discovered internally by Palo Alto Networks. However, the company has also published advisories for security holes identified by researchers at Positive Technologies.

According to Positive Technologies, its employees found a total of four vulnerabilities described as cross-site scripting (XSS), OS command injection, and DoS issues.

Exploitation of the OS command injection flaws, both classified as high severity, can allow an attacker with admin privileges to execute arbitrary commands as root.

The XSS vulnerability, which has a CVSS score of 8.8, allows a remote attacker to perform actions on behalf of an authenticated administrator by getting them to click on a malicious link.

“Attackers will be able to perform any actions on behalf of this user in the context of the Palo Alto application, spoof pages, and develop attacks,” Positive Technologies explained. “The attack can be conducted from the Internet, but if the administrator panel is located inside, attackers will have to know its address inside the network.”

Palo Alto Networks says it’s not aware of any attacks exploiting these vulnerabilities. However, the company’s products are known to have been targeted by malicious actors.

A few months ago, after the company announced patches for a critical authentication bypass flaw in PAN-OS, the U.S. Cyber Command warned that foreign APTs will likely attempt to exploit it.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
