Palo Alto Firewall vulnerabilities discovered and patched
September 14, 2020
Palo Alto Firewall Vulnerabilities Overview
This threat report provides actionable intelligence about a series of vulnerabilities ranging in criticality affecting the Palo Alto firewall software suite. The vulnerabilities have been assigned the following CVEs (Common Vulnerabilities and Exposures) varies: CVE-2020-2036, CVE-2020-2037, CVE-2020-2038, CVE-2020-2039, CVE-2020-2040, CVE-2020-2041, CVE-2020-2042, CVE-2020-2043, and CVE-2020-2044.
The risk associated with these Palo Alto firewall vulnerabilities varies. These weaknesses either affect the web interface management, Captive Portal or Multi-Factor Authentication interface or the management interface.
The most critical of the vulnerabilities is CVE-2020-2040 which may allow an unauthenticated attacker the opportunity to derail system processes and execute code using the root account. Successful exploitation is achieved by sending a specially crafted request to the assigned interface for the Captive Portal or for Multi-Factor Authentication. CVE-2020-2040 affects any Palo Alto firewall running any version of PAN-OS 8.0.
The vulnerability does not affect the GlobalProtect VPN or the PAN-OS management web interfaces.
With the prevalence, severity, and sophistication of cybersecurity attacks growing by the day, businesses of all types and sizes are scrambling to protect themselves. This best practices guide takes you through the 8 essential steps to managing a data breach. Download now.
Note: The Avertium Threat Report analyzes one current threat that has been shared by threat intelligence networks across the globe. Used internally by the Avertium CyberOps Team, this report will outline a “top-of-mind” threat and how it ought to be addressed accordingly.
This informed analysis is based on the latest data available.