Palo Alto PAN-OS Denial Of Service Vulnerability

Last Update Date: 23 Aug 2022
Release Date: 11 Aug 2022

RISK: High Risk

TYPE: Security software and application - Security Software & Appliance

A vulnerability has been identified in Palo Alto PAN-OS. A remote attacker can exploit this vulnerability to trigger a denial of service condition on the targeted system.

[Updated on 2022-08-23]

CVE-2022-0028 is being exploited in the wild. Exploitation of CVE-2022-0028 may trigger a denial of service condition. The risk level has accordingly been raised from medium risk to high risk. HKCERT urges users and administrators to review the security update pages for the affected products and apply the related updates as soon as possible.

Note:

The firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a security rule with a source zone that has an external facing interface for this issue to be misused by an external attacker. This configuration is not typical for URL filtering and is likely unintended by the administrator.


Impact

  • Denial of Service

System / Technologies affected

  • PAN-OS 8.1 versions earlier than PAN-OS 8.1.23-h1
  • PAN-OS 9.0 versions earlier than PAN-OS 9.0.16-h3
  • PAN-OS 9.1 versions earlier than PAN-OS 9.1.14-h4
  • PAN-OS 10.0 versions earlier than PAN-OS 10.0.11-h1
  • PAN-OS 10.1 versions earlier than PAN-OS 10.1.6-h6
  • PAN-OS 10.2 versions earlier than PAN-OS 10.2.2-h2
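
An added example (not part of the HKCERT advisory or any vendor code): a version check against the fixed releases listed above, comparing the hotfix number numerically so that, for instance, -h10 sorts after -h6. The function names and the sample inventory are assumptions made for illustration; the check covers the version only, not the URL filtering configuration described in the Note.

```python
import re

# Fixed releases per branch, copied from the advisory's affected-versions list.
FIXED = {
    "8.1": "8.1.23-h1",
    "9.0": "9.0.16-h3",
    "9.1": "9.1.14-h4",
    "10.0": "10.0.11-h1",
    "10.1": "10.1.6-h6",
    "10.2": "10.2.2-h2",
}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")

def parse_version(text):
    """Return (major, minor, maintenance, hotfix); hotfix is 0 without a -hN suffix."""
    match = _VERSION_RE.match(text.strip())
    if not match:
        raise ValueError(f"unrecognised PAN-OS version string: {text!r}")
    major, minor, maint, hotfix = match.groups()
    return int(major), int(minor), int(maint), int(hotfix or 0)

def is_affected(version):
    """True/False for branches listed in the advisory, None for any other branch."""
    parsed = parse_version(version)
    branch = f"{parsed[0]}.{parsed[1]}"
    fixed = FIXED.get(branch)
    if fixed is None:
        return None  # branch does not appear in this advisory's list
    return parsed < parse_version(fixed)

def triage(inventory):
    """Map each hostname to 'affected', 'fixed', 'not listed' or 'unparsed'."""
    labels = {True: "affected", False: "fixed", None: "not listed"}
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = labels[is_affected(version)]
        except ValueError:
            result[host] = "unparsed"
    return result

if __name__ == "__main__":
    # Constructed inventory: hostnames and versions are made up for illustration.
    sample = {"fw-edge-1": "10.1.6-h3", "fw-edge-2": "10.1.6-h6",
              "fw-dc-1": "9.1.14", "fw-lab": "11.0.0", "fw-old": "8.1.x"}
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```

A result of "not listed" means only that the branch is absent from the list above, so such devices should be checked against the vendor page directly.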

Solutions

Before installing the software, please visit the vendor website for more details.

  • Apply fixes issued by the vendor:
    Update to PAN-OS 8.1.23-h1, PAN-OS 9.0.16-h3, PAN-OS 9.1.14-h4, PAN-OS 10.0.11-h1, PAN-OS 10.1.6-h6, PAN-OS 10.2.2-h2, and all later PAN-OS versions
  • For details, please refer to the link below:
    https://security.paloaltonetworks.com/CVE-2022-0028

Vulnerability Identifier


Source


Related Link