CVE-2020-2040: PAN-OS Buffer Overflow Vulnerability Alert

Recently, Palo Alto Networks (PAN) issues a security bulletin, disclosing a serious vulnerability numbered CVE-2020-2040 with a CVSS score of 9.8. This vulnerability is a buffer overflow vulnerability in PAN-OS. When a captive portal is enabled or multi-factor authentication (MFA) is configured, an unauthenticated attacker can send malicious messages to the Captive Portal or Multi-Factor Authentication interface. Requests for exploitation may cause system processes to be interrupted and allow the use of root privileges to execute arbitrary code on PAN-OS devices. This vulnerability is easy to exploit and does not require user interaction.CVE-2020-2040

Affected version

  • PAN-OS = 8.0.X
  • 8.1.X < PAN-OS < 8.1.15
  • 9.0.X< PAN-OS <9.0.9
  • 9.1.X< PAN-OS <9.1.3

Unaffected version

  • PAN-OS >= 8.1.15
  • PAN-OS >= 9.0.9
  • PAN-OS >= 9.1.3
  • PAN-OS >= 10.0.0

Solution

At present, the Paloalto Networks has released an updated version for this vulnerability, please upgrade to the unaffected version as soon as possible.