Security News > 2022 > August > Palo Alto Networks: New PAN-OS DDoS flaw exploited in attacks
Palo Alto Networks has issued a security advisory warning of an actively exploited high-severity vulnerability impacting PAN-OS, the operating system used by the company's networking hardware products.
The issue, tracked as CVE-2022-0028, is an URL filtering policy misconfiguration that could allow an unauthenticated, remote attacker to carry out amplified TCP denial-of-service attacks.
Using the vulnerability, a hacker could enlist a Palo Alto Networks PAN-OS device for DDoS attacks, obfuscating the original IP of the threat actor and making remediation more challenging.
Threat actors could use these attacks for various malicious behavior, such as extortion or to disrupt a company's business operations.
Palo Alto Networks states that they discovered this vulnerability after they were notified one of their devices was being used as part of an attempted reflected denial-of-service attack, meaning that the bug is actively used in attacks.
While a misconfiguration is required to remotely use a PAN-OS device to perform RDoS attacks, Palo Alto Networks is fixing the bug to prevent it from being abused both remotely and internally.
News URL
Related news
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- CISA warns of more Palo Alto Networks bugs exploited in attacks (source)
- CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed (source)
- Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Palo Alto Networks patches two firewall zero-days used in attacks (source)
- 2,000 Palo Alto Networks devices compromised in latest attacks (source)
- Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign (source)
- Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-10 | CVE-2022-0028 | Unspecified vulnerability in Paloaltonetworks Pan-Os A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. | 8.6 |