3 security flaws turn Palo Alto’s firewall into a time bomb. Update now

Network penetration testing specialists reported the finding of at least three vulnerabilities in PAN-OS, the operating system that works on Palo Alto Networks security solutions. According to the report, the successful exploitation of these flaws can lead to the injection of commands, among other scenarios.

Below are brief overviews of reported vulnerabilities, in addition to their respective scores and identification keys according to the Common Vulnerability Scoring System (CVSS).

CVE-2020-2034: Incorrect input validation on the PAN-OS GlobalProtect portal allows remote hackers to execute arbitrary shell commands on the target system. Threat actors can pass specially designed data to the application to exploit the flaw, network penetration testing specialists mentioned.

This is a critical flaw and its exploitation would allow the target system to be completely compromised. The vulnerability received a score of 8.5/10.

CVE-2020-2031: This flaw exists due to a lower flow of integers in the dnsproxyd component of the PAN-OS web management interface, which would allow remote hackers to deploy denial-of-service (DoS) attacks by sending specially crafted requests to the affected application.

This is a low severity vulnerability and received a score of 4.2/10 on the CVSS scale, so the risk of exploitation is not considered critical.

CVE-2020-2030: Incorrect input validation on the PAN-OS management interface would allow remote threat actors to execute arbitrary shell commands on the vulnerable system. Remote hackers could pass specially designed data and execute commands for malicious purposes, network penetration testing specialists mentioned.

This is an average severity vulnerability that received a CVSS score of 7.9/10. Successful exploitation would seriously compromise the affected system.

While vulnerabilities can be exploited remotely by unauthenticated threat actors, specialists have not detected attempts to exploit in real-world scenarios or the existence of a malware variant linked to this attack. 

All three flaws were acknowledged and corrected by Palo Alto in a timely manner, so users of affected deployments are advised to verify their installation. For further reports on vulnerabilities, exploits, malware variants and computer security risks, it is recommended to enter the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.