Critical privilege escalation vulnerability in Palo Alto Networks firewall

Here is a new example of how even the most prestigious information security companies are exposed to exploitable security vulnerabilities. According to cyber security course specialists, California-based multinational cybersecurity firm Palo Alto Networks has disclosed three critical vulnerabilities in some of the company’s firewall solutions.

Each of these flaws received a score of 7/10 on the Common Vulnerability Scoring System (CVSS) scale. If exploited, these security flaws would allow a local threat actor to escalate privileges and execute shell commands on the affected deployments.

Below is a brief explanation of the three critical flaws reported by Palo Alto security researchers.

The first of these reports refers to a format string vulnerability in the PAN-OS log daemon in the Panorama firewall controller, which would allow an authenticated local attacker to execute arbitrary code by bypassing the shell access restriction and escalating privileges. This vulnerability was tracked as CVE-2020-1979.

The second reported vulnerability, tracked as CVE-2020-1980, is a command injection flaw that resides in the PAN-OS CLI. Successful exploitation would allow an authenticated local threat actor to bypass the shell access restriction and escalate privileges, cyber security course experts mention.

The third flaw was tracked as CVE-2020-1981. This vulnerability, caused by predictable temporary file names in PAN-OS, would allow malicious hackers to perform a local privilege escalation.

Cyber security course members mention that there are no known workarounds at the moment, so administrators of vulnerable deployments are advised to upgrade PAN-OS to version 8.1.13 or later as soon as possible.
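Since upgrading is the only remediation mentioned, a quick inventory check helps find devices still below the fixed release. The following is an added example, not code from Palo Alto Networks or the original article: it applies only the 8.1.13 threshold stated above, and assumes version strings of the form `major.minor.patch` with an optional `-hN` hotfix suffix; the hostnames and versions are constructed.

```python
import re

# Fixed release named in the article: PAN-OS 8.1.13 or later.
FIXED = (8, 1, 13)

# Assumed version format: major.minor.patch with an optional hotfix
# suffix, e.g. "8.1.12-h3".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_panos_version(text):
    """Return (major, minor, patch, hotfix), or None if not recognised."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, patch, hotfix = m.groups()
    return int(major), int(minor), int(patch), int(hotfix or 0)


def needs_upgrade(text):
    """True if below 8.1.13, False if at or above it, None if unparsable."""
    v = parse_panos_version(text)
    if v is None:
        return None
    # A hotfix does not change the maintenance release, so 8.1.12-h3
    # is still below 8.1.13 and must be flagged.
    return v[:3] < FIXED


def triage(inventory):
    """Split {hostname: version} into upgrade / ok / unknown host lists."""
    result = {"upgrade": [], "ok": [], "unknown": []}
    for host, version in sorted(inventory.items()):
        verdict = needs_upgrade(version)
        key = "unknown" if verdict is None else ("upgrade" if verdict else "ok")
        result[key].append(host)
    return result


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = {
    "panorama-01": "8.1.12-h3",
    "fw-edge-01": "8.1.13",
    "fw-edge-02": "8.1.9",
    "fw-lab-01": "9.0.7",
    "fw-old-01": "unknown",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

Hosts reported as `unknown` returned a version string the parser could not read and should be checked by hand rather than assumed patched.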
