Palo Alto Networks has issued a high-severity security update for the Prisma Access Browser, addressing multiple vulnerabilities discovered in the underlying Chromium engine. This update, identified as PAN-SA-2024-0007, supersedes the Talon Browser and incorporates critical security fixes from recent Chromium updates.
The vulnerabilities primarily involve “use after free” issues, type confusion, and insufficient data validation within various components of the Chromium engine, such as V8, Media Stream, and WebAudio.
These flaws could potentially allow attackers to execute arbitrary code, leading to a compromise of confidentiality, integrity, and availability of the affected systems.
- Severity: High (CVSSv4.0 Base Score: 8.6)
- Urgency: Moderate
- Response Effort: Low
- Recovery: Automatic
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Active
Affected Versions:
- Prisma Access Browser: Versions below 126.183.2844.1 are affected.
- Unaffected Versions: Version 127.100.2858.4 and later are not affected.
Users are strongly advised to update to Prisma Access Browser version 127.100.2858.4 or later to mitigate these vulnerabilities. The update includes fixes for all listed CVEs and enhances the browser’s security posture.
Easily analyze emerging malware with ANY.RUN interactive online sandbox - Try 14 Days Free Trial
Other Vulnerabilities:
In addition to the Prisma Access Browser vulnerabilities, several other security issues have been identified and addressed across various Palo Alto Networks products.
These include CVE-2024-5914, a command injection vulnerability in the Cortex XSOAR CommonScripts pack, affecting versions below 1.12.33. This flaw allows unauthenticated attackers to execute arbitrary commands within an integration container.
Another vulnerability, CVE-2024-5915, affects the GlobalProtect App on Windows, leading to local privilege escalation. This vulnerability impacts versions below 6.3.1, allowing local users to execute programs with elevated privileges.
Lastly, CVE-2024-5916 involves the cleartext exposure of external system secrets in PAN-OS, affecting versions 11.0 below 11.0.4 and 10.2 below 10.2.8. This vulnerability allows local system administrators to disclose secrets, passwords, and tokens of external systems.
Timeline:
- August 14, 2024: Initial publication of the vulnerability advisory.
- August 15, 2024: Clarification of affected and unaffected versions.
For further details on the specific CVEs addressed, users can refer to the Chromium stable channel updates from July and August 2024. These updates highlight the security improvements incorporated into the Prisma Access Browser to protect against potential exploits.
Free Webinar on Detecting & Blocking Supply Chain Attack -> Book your Spot