Vulnerability in Palo Alto Networks Firewalls

[German]Here's a security information for administrators using Palo Alto Networks firewalls with PAN-OS . In PAN-OS there are several critical bugs, which enables attackers to gain remote root access to the firewalls.


Advertising

The vulnerability (CVE-2017-15944) has been discovered by Philip Pettersson. He has published this Security Advisory on securelist. org. Three different bugs in the firewall software can be combined. Then, a remote code execution attack via the web management interface. The attacker is able to gain root access without authentication.

The following products are affected: PAN-OS 6.1.18 and earlier, PAN-OS 7.0.18 and earlier, PAN-OS 7.0.18 and earlier, PAN-OS 7.1.13 and earlier, PAN-OS 8.0.5 and earlier. Palo Alto Networks recommends that you only share the Web management interface with the LAN and block WAN access over the Internet.

Unfortunately, some administrators configure the firewalls incorrectly. This Shodan site lists over 6,000 Palo Alto Networks devices as accessible via the Internet. Palo Alto Networks has released updates for the affected PAN-OS versions on December 5, 2017. Bugs were fixed in PAN-OS 6.1.19,7.0.19,7.1.14 and 8.0.6-h3. Further information can be found here.


Cookies helps to fund this blog: Cookie settings
Advertising


##1

This entry was posted in devices, Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *