Palo Alto Firewall Vulnerability Discovered

by Robinson Roca
Practice Leader – Network Infrastructure

Firms using Palo Alto Firewalls with PAN-OS 8.1.17 or earlier; Helient recommends an upgrade as soon as possible.  A vulnerability has been discovered.  The Vulnerability CVE-2021-3064 is categorized with a CVSS Score of 9.8.  That is extremely high on the scale, and needs to be mitigated as soon as possible.  This vulnerability literally allows an unauthenticated attacker to execute code with root privileges. Essentially, the vulnerability occurs by an attacker creating a buffer overflow while the system parses user supplied input.  Palo Alto reported, “A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges”. This vulnerability affects both physical and virtual appliances. If you need additional assistance, please contact the Palo Alto professionals at service@helient.com.

Details on the CVE can be found here:

https://security.paloaltonetworks.com/CVE-2021-3064

and

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3064