Security News > 2019 > July > Released: PoC for RCE flaw in Palo Alto Networks firewalls, gateways

Released: PoC for RCE flaw in Palo Alto Networks firewalls, gateways
2019-07-22 10:46

Palo Alto Networks has silently patched a critical remote code execution vulnerability in its enterprise GlobalProtect SSL VPN, which runs on Palo Alto Networks’ firewall devices. Administrators who have still not upgraded to the fixed PAN-OS versions are urged to do so quickly, as researchers have released PoC attack code that could soon be modified by motivated attackers. About the vulnerability (CVE-2019-1579) CVE-2019-1579 affects the GlobalProtect portal and GlobalProtect Gateway interface. “The bug is very … More → The post Released: PoC for RCE flaw in Palo Alto Networks firewalls, gateways appeared first on Help Net Security.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/ZhihM-3u_Ig/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-07-19 CVE-2019-1579 Use of Externally-Controlled Format String vulnerability in Paloaltonetworks Pan-Os
Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code.
network
high complexity
paloaltonetworks CWE-134
8.1
8.1