Palo Alto Networks has issued security updates to address tens of vulnerabilities in PAN-OS, the software that runs on the company’s next-generation firewalls.
One of the most severe vulnerabilities, tracked as CVE-2020-2018, is an authentication bypass vulnerability in the Panorama context switching feature. The flaw could be exploited by an attacker with network access to a Panorama’s management interface to gain privileged access to managed firewalls.
“An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama’s management interface to gain privileged access to managed firewalls. An attacker requires some knowledge of managed firewalls to exploit this issue.” reads the advisory published by the vendor.
This vulnerability does not impact Panorama configured with custom certificates authentication for communication between Panorama and managed devices.
The issue received a CVSSv3.1 Base Score of 9, it affects PAN-OS 7.1 versions earlier than 7.1.26, PAN-OS 8.1 versions earlier than 8.1.12, PAN-OS 9.0 versions earlier than 9.0.6, and all versions of PAN-OS 8.0.
Palo Alto Networks also addressed an XML external entity reference (‘XXE’) vulnerability, tracked as CVE-2020-2012, that could lead to information leak.
The flaw could be exploited by unauthenticated attackers with network access to the Panorama management interface to read arbitrary files on the system.
The vendor also fixed a high-severity vulnerability, tracked as CVE-2020-2011, that could be exploited by a remote, unauthenticated attacker to trigger a denial-of-service (DoS) condition to all Panorama services by sending specially crafted registration requests.
Other high severity issues affect the previous Nginx version used in PAN-OS software, some of them could be exploited without authentication.
Palo Alto Networks also addressed serious cross-site scripting (XSS) vulnerability in the GlobalProtect Clientless VPN can be exploited to compromise a user’s session by tricking the victims into visiting a malicious website.
The full list of vulnerabilities addressed by Palo Alto Networks is available here.
(SecurityAffairs – PaloAlto Networks, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.