Palo Alto PAN-OS Denial Of Service Vulnerability
RISK: High Risk
TYPE: Security software and application - Security Software & Appliance
A vulnerability has been identified in Palo Alto PAN-OS. A remote attacker can exploit this vulnerability to trigger a denial of service condition on the targeted system.
[Updated on 2022-08-23]
CVE-2022-0028 is being exploited in the wild. Exploitation of CVE-2022-0028 may trigger a denial of service condition. The risk level has accordingly been changed from medium risk to high risk. HKCERT urges users and administrators to review the security update pages for the affected products and apply the related updates as soon as possible.
For this issue to be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a security rule whose source zone has an external-facing interface. This configuration is not typical for URL filtering and is likely unintended by the administrator.
- Denial of Service
System / Technologies affected
- PAN-OS 8.1 versions earlier than PAN-OS 8.1.23-h1
- PAN-OS 9.0 versions earlier than PAN-OS 9.0.16-h3
- PAN-OS 9.1 versions earlier than PAN-OS 9.1.14-h4
- PAN-OS 10.0 versions earlier than PAN-OS 10.0.11-h1
- PAN-OS 10.1 versions earlier than PAN-OS 10.1.6-h6
- PAN-OS 10.2 versions earlier than PAN-OS 10.2.2-h2
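The version list above can be checked against a firewall inventory with a short script. The following is an added example, not part of the original advisory or any vendor tooling; the hostnames and versions in the sample inventory are constructed, and it assumes a build without a `-hN` suffix sorts before every hotfix of the same maintenance release.

```python
import re

# Fixed release per PAN-OS release train, copied from the advisory's list.
FIXED = {
    "8.1": "8.1.23-h1", "9.0": "9.0.16-h3", "9.1": "9.1.14-h4",
    "10.0": "10.0.11-h1", "10.1": "10.1.6-h6", "10.2": "10.2.2-h2",
}
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")

def parse_version(text):
    """Parse 'X.Y.Z' or 'X.Y.Z-hN' into (major, minor, maintenance, hotfix)."""
    match = VERSION_RE.match(text.strip())
    if match is None:
        raise ValueError(f"unrecognised PAN-OS version: {text!r}")
    # Assumption: a build without a -hN suffix is hotfix 0, so it sorts
    # before every hotfix of the same maintenance release.
    return tuple(int(part or 0) for part in match.groups())

def classify(version):
    """Return 'affected', 'fixed' or 'not-listed' for one version string."""
    parsed = parse_version(version)
    fixed = FIXED.get(f"{parsed[0]}.{parsed[1]}")
    if fixed is None:
        return "not-listed"  # the advisory says nothing about this train
    return "affected" if parsed < parse_version(fixed) else "fixed"

def audit(inventory):
    """Classify (hostname, version) pairs; unparseable strings need manual review."""
    report = {}
    for host, version in inventory:
        try:
            report[host] = classify(version)
        except ValueError:
            report[host] = "unparsed"
    return report

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    ("fw-edge-01", "10.1.6-h3"), ("fw-edge-02", "10.1.6-h6"),
    ("fw-dc-01", "9.1.14"), ("fw-dc-02", "10.2.3"),
    ("fw-lab-01", "11.0.0"), ("fw-lab-02", "10.0.x"),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as `not-listed` or `unparsed` are outside what this advisory covers and need a manual check against the vendor's own bulletin.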
Before installing the software, please visit the vendor website for more details.
- Apply fixes issued by the vendor:
Update to PAN-OS 8.1.23-h1, PAN-OS 9.0.16-h3, PAN-OS 9.1.14-h4, PAN-OS 10.0.11-h1, PAN-OS 10.1.6-h6, PAN-OS 10.2.2-h2, and all later PAN-OS versions
- For detail, please refer to the link below: