Security News > 2020 > September > Vulnerabilities discovered in PAN-OS, which powers Palo Alto Networks’ firewalls

Palo Alto Networks remediated vulnerabilities in PAN-OS. Attackers can use these vulnerabilities to gain access to sensitive data or develop the attack to gain access to the internal segments of the network of a company that uses vulnerable protection tools.

Attackers can access a special firewall section, place malicious code in one of the web forms, and obtain maximum privileges in the OS. "We performed black-box testing of the NGFW management web interface to detect this vulnerability, which results from the lack of user input sanitization. During a real attack, hackers can, for example, bruteforce the password for the administrator panel, perform RCE, and gain access to the Palo Alto product, as well as the company's internal network," said Mikhail Klyuchnikov, researcher at Positive Technologies.

If a potential victim authorizes in the administrator panel and clicks a specially crafted malicious link, attackers will be able to perform any actions on behalf of this user in the context of the Palo Alto application, spoof pages, and develop attacks.

The attack can be conducted from the Internet, but if the administrator panel is located inside, attackers will have to know its address inside the network.

The exception is some basic commands; however, attackers can inject any OS commands using insufficient filtering of user data.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/0CIB0vNE0ds/