Information security specialists reported the detection of at least three vulnerabilities in PAN-OS, the operating system used by Palo Alto Networks security solutions, primarily in their firewalls. Successful exploitation of these flaws would allow malicious actors to extract sensitive information from compromised systems.
Below are brief reports of the reported flaw, in addition to their respective scores and identification keys according to the Common Vulnerability Scoring System (CVSS).
CVE-2020-2050: An error processing authentication requests in the GLOBALProtect SSL VPN component of PAN-OS would allow threat actors to bypass any client certificate verification with an invalid certificate.
Attackers could authenticate like any user and gain access to restricted resources. This is an average security flaw that received a score of 6.4/10.
CVE-2020-2022: PAN-OS reveals the token for the web interface manager session to managed devices when the Palo Alto Networks Panorama administrator makes a context change on that device.
Threat actors can gain privileged access to the Palo Alto Networks Panorama interface. The flaw received a score of 4.6/10.
CVE-2020-1999: Incorrect processing of exceptional conditions in the PAN-OS signature-based threat detection engine would allow unauthenticated remote attackers to communicate with devices on the network unsafely by sending specially designed TCP packets.
This is an average security flaw that received a score of 4.6/10.
These vulnerabilities reside in the following versions of Palo Alto PAN-OS: 7.1, 7.1.0, 7.1.1, 7.1.1, 7.1.2, 7.1.3, 7.1.4, 7.1.4-h2, 7.1.5, 7.1.6, 7.1.7, 7.1.8, 7.1.9, 7.1.9-h4, 7.1.10, 7.1.11, 7.1.12, 7.1.13, 7.1.14, 7.1.15, 7.1.16, 7.1.17, 7.1.18, 7.1.19, 7.1.20, 7.1.21, 7.1.22, 7.1.23, 7.1.24, 7.1.24-h1, 7.1.25, 7.1.26, 8.0, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.3-h4, 8.0.4, 8.0.4-h2, 8.0.5, 8.0.6, 8.0.6-h3, 8.0.7, 8.0.8, 8.0.9, 8.0.10, 8.0.11, 8.0.11-h1, 8.0.12, 8.0.13, 8.0.14, 8.0.15, 8.0.16, 8.0.17, 8.0.18, 8.0.19, 8.0.19-h1, 8.0.20, 8.0.21, 8.1, 8.1.0, 8.1.1, 8.1.2, 8.1.3, 8.1.4, 8.1.4-h2, 8.1.5, 8.1.6, 8.1.6-h2, 8.1.7, 8.1.8, 8.1.8-h4, 8.1.8-h5, 8.1.9, 8.1.9-h4, 8.1.10, 8.1.11, 8.1.12, 8.1.13, 8.1.14, 8.1.15, 8.1.16, 9.0, 9.0.0, 9.0.1, 9.0.2, 9.0.2-h4, 9.0.3, 9.0.3-h2, 9.0.3-h3, 9.0.4, 9.0.5, 9.0.5-h3, 9.0.6, 9.0.7, 9.0.8, 9.0.9, 9.0.10, 9.1, 9.1.0, 9.1.1, 9.1.2, 9.1.3, 9.1.4.
Although flaws could be exploited remotely by unauthenticated threat actors, researchers have not detected exploit attempts in real-world scenarios. Updates are now ready to be installed, so users of affected installations are advised to fix them as soon as possible.