Palo Alto Networks: New PAN-OS DDoS flaw exploited in attacks (Security News, August 2022)
Palo Alto Networks has issued a security advisory warning of an actively exploited high-severity vulnerability impacting PAN-OS, the operating system used by the company's networking hardware products.
The issue, tracked as CVE-2022-0028, is a URL filtering policy misconfiguration that could allow an unauthenticated, remote attacker to carry out amplified TCP denial-of-service attacks.
Using the vulnerability, a hacker could enlist a Palo Alto Networks PAN-OS device for DDoS attacks, obfuscating the original IP of the threat actor and making remediation more challenging.
Threat actors could use these attacks for various malicious purposes, such as extortion or disrupting a company's business operations.
Palo Alto Networks states that they discovered this vulnerability after they were notified that one of their devices was being used as part of an attempted reflected denial-of-service (RDoS) attack, meaning that the bug is actively used in attacks.
While a misconfiguration is required to remotely use a PAN-OS device to perform RDoS attacks, Palo Alto Networks is fixing the bug to prevent it from being abused both remotely and internally.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-10 | CVE-2022-0028 | Unspecified vulnerability in Palo Alto Networks PAN-OS. A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. | 0.0 |