Techly NewsGet the app

Get the latest tech news

Unauthenticated, RCE vulnerability in Palo Alto firewalls, exploits in the wild


A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated atta...

A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. You can verify whether you have a GlobalProtect gateway configured by checking for entries in your firewall web interface (Network > GlobalProtect > Gateways) and verify whether you have device telemetry enabled by checking your firewall web interface (Device > Setup > Telemetry). Palo Alto Networks is aware of a limited number of attacks that leverage the exploitation of this vulnerability.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of RCE

RCE

Photo of Palo Alto

Palo Alto

Photo of Exploits

Exploits

Related news:

News photo

Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks

News photo

Apex Legends players worried about RCE flaw after ALGS hacks

News photo

Fortinet warns of critical RCE bug in endpoint management software

Notes on Git's Error Messages »