Palo Alto Networks GlobalProtect vulnerability
This blog contains information regarding a Palo Alto Networks GlobalProtect Portal vulnerability. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog.
T-Update
This blog contains information regarding a Palo Alto Networks GlobalProtect Portal vulnerability. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog.
Update November 11, 2021
10:00 | Palo Alto networks has published information regarding a critical remote code execution vulnerability (CVE-2021-3064) in their GlobalProtect Portal VPN. On the 10th of November a patch was released. We advise to check if your products are listed and apply the patch as soon as possible.
Background
The unauthenticated remote code vulnerability allows a remote attacker to gain full control over the firewall, which may imply full access to your internal network resources. Palo Alto firewalls running version 8.1 of PAN-OS with GlobalProtect enabled (specifically versions < 8.1.17) are vulnerable. Patches are available. If you run version 8.1, make sure to upgrade to at least version 8.1.17. In addition, Palo Alto published Threat Prevention Signatures to block the issue: • ID 91820 • ID 91855
Risk
Palo Alto networks has published information regarding a critical remote code execution vulnerability in their GlobalProtect Portal VPN. The unauthenticated remote code execution vulnerability allows a remote attacker to gain full control over the firewall, which may imply full access to your internal network resources. The vulnerability CVE-2021-3064 has a CVSS-score of 9.8. The CVSS scale runs from 0 to 10. A score of 9.8 or higher is rare and implies a high risk of exploitation with a high impact.
Advice
Sources
Sign up to receive T-Updates
Receive the latest vulnerabilities in your email every Wednesday
More than 1,000 organisations have already joined us.
