Palo Alto Networks has fixed a Critical buffer overflow vulnerability that could allow an attacker to remotely execute code as root on PAN-OS devices, along with multiple other High severity issues.
“A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface,” Palo Alto Networks warned in the advisory.
The issue affects the following versions of PAN-OS that have either Captive Portal or Multi-Factor Authentication (MFA) enabled:
- All versions of PAN-OS 8.0
- PAN-OS 8.1 versions earlier than PAN-OS 8.1.15
- PAN-OS 9.0 versions earlier than PAN-OS 9.0.9
- PAN-OS 9.1 versions earlier than PAN-OS 9.1.3.
However, the vulnerability does not impact the GlobalProtect VPN or the PAN-OS management web interfaces.
The issue has a CVSS score of 9.8.
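As an added example (not code from Palo Alto Networks or from the original article), this Python script triages a device inventory against the affected-version list above, including the condition that Captive Portal or MFA must be enabled. The host names and inventory are constructed, and the `-hN` hotfix suffix format and the result labels are assumptions of this example.

```python
import re

# Fixed maintenance release per PAN-OS train, from the affected-version list.
# None = the list names no fixed release for that train (all 8.0 versions).
FIXED = {(8, 0): None, (8, 1): 15, (9, 0): 9, (9, 1): 3}

# major.minor.maintenance with an optional "-hN" hotfix suffix (assumed format).
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h\d+)?$")

def triage(version, portal_or_mfa_enabled):
    """Classify one device as affected / not-exposed / fixed / unlisted."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {version!r}")
    major, minor, maint = (int(g) for g in m.groups())
    if (major, minor) not in FIXED:
        return "unlisted"          # train not in the list; check the advisory
    fixed = FIXED[(major, minor)]
    # Compare numerically: as strings, "8.1.9" would sort after "8.1.15".
    # A hotfix suffix never lifts a build up to the next maintenance release.
    if fixed is not None and maint >= fixed:
        return "fixed"
    if not portal_or_mfa_enabled:
        return "not-exposed"       # vulnerable build, but neither feature is on
    return "affected"

# Constructed inventory: (hostname, version, Captive Portal or MFA enabled)
SAMPLE = [
    ("fw-edge-01", "8.1.9", True),
    ("fw-edge-02", "8.1.15", True),
    ("fw-dc-01", "9.0.8-h3", True),
    ("fw-lab-01", "9.1.2", False),
    ("fw-old-01", "8.0.20", True),
]

def triage_inventory(devices):
    """Map hostname -> classification for a list of inventory tuples."""
    return {host: triage(ver, flag) for host, ver, flag in devices}

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE).items():
        print(f"{host}: {status}")
```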
Other High severity PAN-OS vulnerabilities
In addition to the Critical vulnerability, Palo Alto Networks also addressed five High severity PAN-OS vulnerabilities.
The PAN-OS issues include XSS, DoS, OS command injection and buffer overflow flaws:
- CVE-2020-2036: Reflected Cross-Site Scripting (XSS) vulnerability in management web interface
- CVE-2020-2041: Management web interface denial-of-service (DoS)
- CVE-2020-2037: OS command injection vulnerability in the management web interface
- CVE-2020-2038: OS command injection vulnerability in the management web interface
- CVE-2020-2042: Buffer overflow in the management web interface.
Check out the Palo Alto Networks security advisories for more details on these vulnerabilities and recommended upgrades, along with other Medium and Low severity issues.