Severity
High
Analysis Summary
Palo Alto PAN-OS could allow a remote attacker to execute arbitrary code on the system, caused by an error in its GlobalProtect portal and GlobalProtect Gateway interface products. By sending a specially crafted request to a vulnerable SSL VPN target, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
Code Execution
Privilege access
Affected Vendors
Palo Alto
Affected Products
Remediation
Update to PAN-OS 7.1.19 and later, PAN-OS 8.0.12 and later, and PAN-OS 8.1.3 and later releases.