PAN-OS Buffer overflow vulnerability (CVE-2020-2040)

Within a span of three months, one more critical vulnerability with a score of 10.0 has been observed in PAN-OS devices. When a Captive Portal or Multi-factor authentication interface is enabled on PAN-OS devices, it is considered to be vulnerable to critical buffer overflow vulnerability. This vulnerability is classified as CWE-120 and assigned CVE-2020-2040, on … Continue reading “PAN-OS Buffer overflow vulnerability (CVE-2020-2040)”

Palo Alto Networks PAN-OS:Authentication Bypass in SAML Authentication Vulnerability(PAN-148988)

Summary:   A critical advisory was released by Palo Alto Networks for PAN-OS. PAN OS is the software that runs all Palo Alto Networks next-generation firewalls.   Advisory Link:   Description:   Authentication Bypass vulnerability was found in SAML(Security Assertion Markup Language) Authentication. An unauthenticated network-based attacker can access protected resources due to improper verification of signatures in PAN-OS SAML authentication.    SAML Workflow  SAML … Continue reading “Palo Alto Networks PAN-OS:Authentication Bypass in SAML Authentication Vulnerability(PAN-148988)”

Palo Alto Networks Expedition (Migration Tool) Unauthenticated Command Injection Vulnerability

A remote command injection vulnerability has been identified in Palo Alto Expedition (Migration Tool) . Expedition tool is used for moving firewall configurations from another vendor to Palo Alto’s product. It makes the conversion process easier to accomplish. MITRE has assigned CVE-2018-10143 for this vulnerability. Vulnerability Analysis: This vulnerability exists in convertCSVtoParquet.php which accepts user controlled input in a path … Continue reading “Palo Alto Networks Expedition (Migration Tool) Unauthenticated Command Injection Vulnerability”

PAN-OS Remote Root Code Execution : CVE-2017-15944

A remote code execution vulnerability has been discovered in the PAN-OS. The vulnerability has been assigned CVE-2017-15944. By exploiting this vulnerability an attacker can achieve arbitrary code execution in root context. The target is the web based management interface provided by the device for configuration and maintenance. The vulnerable versions are PAN-OS before 6.1.19, 7.0.x before 7.0.19, … Continue reading “PAN-OS Remote Root Code Execution : CVE-2017-15944”