Palo Alto Networks has disclosed a high-severity command injection vulnerability in its PAN-OS software that could allow authenticated administrators to bypass system restrictions and execute arbitrary code with root privileges on the firewall.
The vulnerability, tracked as CVE-2024-8686, affects PAN-OS version 11.2.2 and has been patched in version 11.2.3 and later releases. Other PAN-OS versions, including 11.1, 11.0, 10.2, and 10.1, as well as Cloud NGFW and Prisma Access, are not impacted by this flaw.
Palo Alto Networks has assigned the vulnerability a CVSS v4.0 base score of 8.6, indicating a high severity. The company stated that it is currently not aware of any malicious exploitation of this issue in the wild.
Decoding Compliance: What CISOs Need to Know – Join Free Webinar
The vulnerability is classified as a CWE-78 weakness type, which involves improper neutralization of special elements used in an OS command, commonly known as OS command injection.
By exploiting this flaw, an authenticated administrator could potentially execute unauthorized commands on the underlying operating system of the firewall device.
To address the vulnerability, Palo Alto Networks recommends upgrading to PAN-OS version 11.2.3 or later. The company credited security researcher Louis Lingg for discovering and reporting the issue responsibly.
This disclosure comes amidst heightened concerns over the security of firewall devices, as they play a critical role in protecting corporate networks from cyber threats.
In April 2024, Palo Alto Networks warned of a critical zero-day vulnerability (CVE-2024-3400) in its PAN-OS software that was being actively exploited in the wild.
As organizations increasingly rely on firewalls to safeguard their digital assets, vendors must promptly address and patch vulnerabilities to minimize the risk of potential attacks.
Administrators are advised to keep their PAN-OS software up to date and regularly monitor their firewall devices for any signs of suspicious activity.
Simulating Cyberattack Scenarios With All-in-One Cybersecurity Platform – Watch Free Webinar