Palo Alto Networks this week introduced that it has patched crucial and high-severity denial-of-service (DoS) and arbitrary code execution vulnerabilities in its PAN-OS firewall software program.

Essentially the most severe of the issues, based mostly on its CVSS rating of 9.8, is CVE-2020-2040, a buffer overflow will be exploited by a distant, unauthenticated attacker to disrupt system processes and presumably to execute arbitrary code with root permissions by sending specifically crafted requests to the Multi-Issue Authentication (MFA) interface or the Captive Portal.

One other probably severe vulnerability, categorised as excessive severity and tracked as CVE-2020-2041, permits a distant, unauthenticated attacker to get all PAN-OS companies to enter a DoS situation by inflicting the machine to restart and enter upkeep mode.

A vulnerability that may be exploited to disrupt system processes and presumably to execute arbitrary code with root privileges has additionally been rated excessive severity, however exploitation requires authentication to the PAN-OS administration interface.

The aforementioned vulnerabilities had been found internally by Palo Alto Networks. Nevertheless, the corporate has additionally revealed advisories for safety holes recognized by researchers at Constructive Applied sciences.

In response to Constructive Applied sciences, its workers discovered a complete of 4 vulnerabilities described as cross-site scripting (XSS), OS command injection, and DoS points.

Exploitation of the OS command injection flaws, each categorised as excessive severity, can permit an attacker with admin privileges to execute arbitrary instructions as root.

The XSS vulnerability, which has a CVSS rating of 8.8, permits a distant attacker to carry out actions on behalf of an authenticated administrator by getting them to click on on a malicious hyperlink.

“Attackers will be capable to carry out any actions on behalf of this person within the context of the Palo Alto software, spoof pages, and develop assaults,” Constructive Applied sciences defined. “The assault will be performed from the Web, but when the administrator panel is situated inside, attackers must know its tackle contained in the community.”

Palo Alto Networks says it’s not conscious of any assaults exploiting these vulnerabilities. Nevertheless, the corporate’s merchandise are recognized to have been focused by malicious actors.

A couple of months in the past, after the corporate introduced patches for a crucial authentication bypass flaw in PAN-OS, the U.S. Cyber Command warned that overseas APTs will probably try to use it.

Associated: Palo Alto Networks Patches Many Vulnerabilities in PAN-OS

Associated: Palo Alto Networks Patches Command Injection Vulnerabilities in PAN-OS

Associated: Juniper Networks Patches Crucial Vulnerabilities in Firewalls

Serious DoS patches for Palo Alto Networks, Code Execution Flaws in PAN-OS
Serious DoS patches for Palo Alto Networks, Code Execution Flaws in PAN-OS
Serious DoS patches for Palo Alto Networks, Code Execution Flaws in PAN-OS

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He labored as a highschool IT trainer for 2 years earlier than beginning a profession in journalism as Softpedia’s safety information reporter. Eduard holds a bachelor’s diploma in industrial informatics and a grasp’s diploma in pc strategies utilized in electrical engineering.

Earlier Columns by Eduard Kovacs:
Serious DoS patches for Palo Alto Networks, Code Execution Flaws in PAN-OSTags:

palo alto vulnerability database,palo alto vulnerability protection,cve-2019-1580,cve-2020-2018 exploit,cve-2020-11022 palo alto,cve-2019-1581,palo alto exploit,palo alto networks platform,palo alto networks cybersecurity,palo alto firmware,palo alto networks devices,palo alto tac portal,palo alto release notes,palo alto networks strata

Share: