CVE-2020-2040: PAN-OS Buffer Overflow Vulnerability Alert
Recently, Palo Alto Networks (PAN) issues a security bulletin, disclosing a serious vulnerability numbered CVE-2020-2040 with a CVSS score of 9.8. This vulnerability is a buffer overflow vulnerability in PAN-OS. When a captive portal is enabled or multi-factor authentication (MFA) is configured, an unauthenticated attacker can send malicious messages to the Captive Portal or Multi-Factor Authentication interface. Requests for exploitation may cause system processes to be interrupted and allow the use of root privileges to execute arbitrary code on PAN-OS devices. This vulnerability is easy to exploit and does not require user interaction.
Affected version
- PAN-OS = 8.0.X
- 8.1.X < PAN-OS < 8.1.15
- 9.0.X< PAN-OS <9.0.9
- 9.1.X< PAN-OS <9.1.3
Unaffected version
- PAN-OS >= 8.1.15
- PAN-OS >= 9.0.9
- PAN-OS >= 9.1.3
- PAN-OS >= 10.0.0
Solution
At present, the Paloalto Networks has released an updated version for this vulnerability, please upgrade to the unaffected version as soon as possible.
