
Palo Alto Networks: Fixes another serious flaw in PAN-OS devices

Palo Alto Networks (PAN) today fixed another serious vulnerability, found in the PAN-OS GlobalProtect portal, that affects unpatched PAN next-generation firewalls.

On June 29, PAN also fixed a critical vulnerability (CVE-2020-2021) with a CVSSv3 rating of 10/10, which allowed unauthenticated attackers to bypass authentication on PAN-OS devices with SAML authentication enabled and the "Validate Identity Provider Certificate" option disabled.

The vulnerability fixed today, tracked as CVE-2020-2034, allows remote unauthenticated attackers to execute arbitrary operating system commands with root privileges on unpatched devices.

CVE-2020-2034 has been rated high severity, with a CVSS 3.x base score of 8.1, and can be exploited by threat actors with network access to vulnerable servers in high-complexity attacks that do not require user interaction.

Only affects devices with the GlobalProtect portal enabled

"This issue cannot be exploited if the GlobalProtect portal feature is not enabled," explains PAN's security advisory. "Prisma Access services are not affected by this vulnerability."

The following table lists the affected PAN-OS versions, as well as those that received code updates from Palo Alto Networks to defend against potential attacks. (The issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3 and all newer versions.)

PAN-OS 7.1 and PAN-OS 8.0 have reached end of life and will not receive security updates to address this vulnerability.
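The version and portal conditions above can be turned into an inventory triage check. This is an added example, not code from Palo Alto Networks or the original article; the status labels, device names and inventory entries are constructed, and versions older than 7.1 are reported as unknown because the article does not cover them.

```python
import re

# Fixed releases per branch, as listed in the article for CVE-2020-2034.
FIXED = {(8, 1): 15, (9, 0): 9, (9, 1): 3}
# Branches the article says are end-of-life and will not be patched.
EOL = {(7, 1), (8, 0)}

_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def triage(version: str, portal_enabled: bool) -> str:
    """Classify one firewall against CVE-2020-2034 (labels are hypothetical)."""
    m = _VERSION.match(version.strip())
    if not m:
        return "unknown-version"
    major, minor, maint = (int(m.group(i)) for i in (1, 2, 3))
    branch = (major, minor)
    if branch in EOL:
        patched = False
    elif branch in FIXED:
        # The article lists no hotfix builds, so a -hN suffix is ignored
        # and only the maintenance number is compared.
        patched = maint >= FIXED[branch]
    elif branch > max(FIXED):
        patched = True  # "all newer versions" are fixed
    else:
        return "unknown-version"  # older than anything the article covers
    if patched:
        return "patched"
    if not portal_enabled:
        # Unpatched, but the advisory says the issue needs the portal enabled.
        return "not-exploitable-portal-disabled"
    return "vulnerable-eol" if branch in EOL else "vulnerable-upgrade"


# Constructed sample inventory: (name, PAN-OS version, GlobalProtect portal enabled)
INVENTORY = [
    ("fw-edge-01", "9.0.8", True),
    ("fw-edge-02", "9.1.3-h1", True),
    ("fw-lab-01", "8.0.20", True),
    ("fw-dc-01", "8.1.14", False),
]


def report(inventory):
    """Map each device name to its triage status."""
    return {name: triage(ver, portal) for name, ver, portal in inventory}


if __name__ == "__main__":
    for name, status in report(INVENTORY).items():
        print(f"{name}: {status}")
```

Devices reported as `not-exploitable-portal-disabled` are still unpatched and become exposed as soon as the portal is enabled.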

The vulnerability was discovered by Yamata Li of the Palo Alto Networks Threat Research Team during an internal security review.

Attackers need additional knowledge to exploit

"An intruder would require some level of specific information about the configuration of an affected firewall or perform brute-force attacks to take advantage of this issue," said the Palo Alto Networks security advisory.

Although PAN does not explain what specific information attackers need to know about vulnerable devices to successfully exploit the vulnerability, NT Warfield of the CTI League said this could mean that attacks have to be adjusted per device.

"Attack Complexity is a bit vague, and high complexity can mean different things depending on what the vulnerability is, what the product is, and the level of complexity the vendor assumes is exploitable," Warfield told BleepingComputer when asked to explain the phrase "attacks are adjusted per device".

"Low complexity is vulnerabilities such as MS17-010, SMBGhost, etc., which only need the device to be exposed in order to be exploited.

"The complexity can be either 'modifying the memory offsets in the PoC based on the number of CPUs/memory' or it could be something else, so the metric is very subjective."

Teo Ehc