Risk | Low |
Patch available | YES |
Number of vulnerabilities | 3 |
CVE-ID | CVE-2020-2027 CVE-2020-2029 CVE-2020-2028 |
CWE-ID | CWE-121 CWE-78 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | Palo Alto PAN-OS (Operating systems & Components / Operating system) |
Vendor | Palo Alto Networks, Inc. |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU28956
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2027
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description:
The vulnerability allows a remote administrator to escalate privileges on the system.
The vulnerability exists due to a boundary error within the authd component of the PAN-OS management server. A remote authenticated administrator can send a specially crafted request to the authd service, trigger a stack-based buffer overflow and crash it or execute arbitrary code with root privileges.
Mitigation:
Install updates from vendor's website.
Vulnerable software versions:
Palo Alto PAN-OS: 7.1.0 - 9.0.6
External links:
http://security.paloaltonetworks.com/CVE-2020-2027
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU28958
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2029
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
Description:
The vulnerability allows a user to escalate privileges on the system.
The vulnerability exists due to improper input validation. A remote authenticated administrator can send a malicious request to generate new certificates for use in the PAN-OS configuration and execute arbitrary commands with root privileges.
Mitigation:
Install updates from vendor's website.
Vulnerable software versions:
Palo Alto PAN-OS: 7.1 - 8.1.12
External links:
http://security.paloaltonetworks.com/CVE-2020-2029
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU28957
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2028
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
Description:
The vulnerability allows a remote administrator to escalate privileges on the system.
The vulnerability exists due to improper input validation in the PAN-OS management server when uploading a new certificate in FIPS-CC mode. A remote authenticated administrator can pass specially crafted data to the application and execute arbitrary OS commands on the target system with root privileges.
Mitigation:
Install updates from vendor's website.
Vulnerable software versions:
Palo Alto PAN-OS: 7.1 - 9.0.6
External links:
http://security.paloaltonetworks.com/CVE-2020-2028
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.