Palo Alto VPNs, firewalls suffer from high-severity vulnerability

A variety of VPNs and Palo Alto Networks’ firewall products suffer from a high-severity vulnerability, the company warned.

According to a BleepingComputer report, PAN-OS, the GlobalProtect application, and the Cortex XDR agent software run on a vulnerable version of the OpenSSL library. Prisma Cloud and Cortex XSOAR do not suffer from the same issue, Palo Alto confirmed.

The vulnerability, identified as CVE-2022-0778, was discovered three weeks ago and, if abused, can allow an attacker to mount a denial of service (DoS) attack or remotely crash the vulnerable endpoint.

Waiting for the patch

OpenSSL fixed the flaw two weeks ago, but it will still be some time before Palo Alto manages to implement the fix for its own products. It looks like customers will have to wait at least another week.

In the meantime, those who subscribe to the Threat Prevention service can enable Threat IDs 92409 and 92411 to block incoming attacks, it was said.

Palo Alto says it hasn’t seen the vulnerability exploited in the wild, although a proof-of-concept is available, suggesting it may only be a matter of time before someone abuses the bug.

“The flaw is not too difficult to exploit, but the impact is limited to DoS. The most common scenario where exploiting this flaw would be a problem would be for a TLS client to access a malicious server that delivers a problematic certificate,” an OpenSSL spokesperson told BleepingComputer.

“TLS servers can be affected if they are using client authentication (which is a less common configuration) and a malicious client tries to connect to them. It’s hard to guess to what extent this will translate into active exploitation.”


Via BleepingComputer
