3 flaws in Palo Alto firewall allows hackers to break your network security

Network penetration testing specialists have revealed the finding of at least three vulnerabilities in PAN-OS, the software that runs on all the latest firewall solutions of security firm Palo Alto Networks. According to the report, exploiting these security flaws could lead to malicious scenarios such as command execution.

Below are brief overviews of reported security flaws, in addition to their respective scores and tracking keys according to the Common Vulnerability Scoring System (CVSS).

CVE-2020-2027: This vulnerability exists due to a boundary within the authd component of the PAN-OS management server that would allow a remote administrator to scale privileges on the target system.

A threat actor might send a specially crafted request to the authentication service, trigger a buffer overflow, and execute arbitrary code with high privileges.

The vulnerability received a score of 6.3/10 and, although it can be exploited remotely, wireless network security experts report that there is no malware variant associated with this security risk.

CVE-2020-2029: This flaw exists due to incorrect input validation that would allow threat actors to scale privileges on the system. An authenticated user might submit a specially crafted request to generate new certificates and execute arbitrary commands on PAN-OS.

The flaw received a CVSS score of 6.3/10, so it is considered a low severity problem. CVE-2020-2029 could also be exploited remotely, although there is no exploit associated with this attack.

CVE-2020-2028: This vulnerability exists due to incorrect inbound validation on the PAN-OS management server when uploading a new certificate in FIPS-CC mode, which would allow to escalation of privileges on the target system.

A remote authenticated administrator can pass specially designed data to the application and execute arbitrary operating system commands on the target system with root privileges, network penetration testing experts claim.

This flaw could also be exploited remotely by authenticated attackers, although so far there are no malware variants capable of exploiting the flaw. The vulnerability received a CVSS score of 6.3/10 on the CVSS scale, so it is considered a reduced severity error.

Palo Alto acknowledged the report and began developing the corresponding security patches to address these flaws. Updates are already available, so users of affected deployments should only verify the installation of updates.

For further reports on vulnerabilities, exploits, malware variants and computer security risks, it is recommended to enter the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.