PAN-OS Critical Vulnerabilities Patched By The Palo Alto Networks
The Palo Alto Networks have released PAN-OS updates. PAN-OS is the operating system for the enterprise security platform.
PAN-OS possess many features like:
- To address the system vulnerabilities.
Vulnerabilities can be categorized into "critical" and "high" severity.
On Wednesday Advisories which were published by the company contain an information about the GlobalProtect portal serious issue that is a critical buffer overflow. The consequences of this vulnerability is that:
- It caused improper handling of a buffer in SSL VPN request Processor.
- It can also exploit to cause a denial-of-service (DoS) condition.
- It can also crash a device even for remote code execution.
Along with that the company (network and enterprise security) also informed users about the consequences of this vulnerability by which malicious actor can easily allow executing arbitrary OS commands by accessing the device management web interface
The company said in the advisory that “Palo Alto Networks PAN-OS implements an API to enable programmatic device configuration and administration of the device. An issue was identified where the management
API incorrectly parses input to a specific API call, leading to the execution of arbitrary OS commands without authentication via the management interface,” There is also the another medium severe flaw issue to the GlobalProtect portal by which unauthenticated attacker can easily crash the portal by remote network access.
It has also published in an advisory by Palo Alto Networks in which they explained about the low severity issue along with their consequences. Low severity flaw allows a authenticated attacker who has administrator rights to execute the commands at the OS level with root privileges.
PAN-OS versions 5.0.17, 6.0.12, 6.1.9, 7.0.4 are the versions that have been affected by the critical and high severity vulnerabilities, but now it has been patched in the PAN-OS versions 5.0.18, 6.0.13, 6.1.10 and 7.0.5.
PAN-OS versions 5.0.17, 6.0.12, 6.1.9, 7.0.5 are the versions affected by the medium severity flaw impacts, but it has been resolved in PAN-OS 5.0.18, 6.0.13, 6.1.10, 7.0.5H2.
PAN-OS versions 5.0.17, 5.1.10, 6.0.12, 6.1.9, 7.0.5 are the versions affected by the low severity issue, and it's fixed in 5.0.18, 5.1.11, 6.0.13, 6.1.10 and 7.0.5H2.
On March 16, When the details of these weaknesses will be disclosed at a conference, prior to that almost many systems will patch by Palo Alto Networks customers.
Felix Wilhelm of German security firm ERNW Research was the one who reported about these vulnerabilities, all the details will be disclosed on March 14-18 in the city of Heidelberg in Germany, during the researcher’s presentation on attacking next-generation firewalls at the company’s TROOPER16 conference