November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – BrushaLoader Ransomware Still Sweeping Victims
July 23, 2019Rewterz Threat Alert – Newly Discovered Malware Framework Cashing in on Ad Fraud
July 23, 2019Rewterz Threat Alert – BrushaLoader Ransomware Still Sweeping Victims
July 23, 2019Rewterz Threat Alert – Newly Discovered Malware Framework Cashing in on Ad Fraud
July 23, 2019
Severity
High
Analysis Summary
Palo Alto PAN-OS could allow a remote attacker to execute arbitrary code on the system, caused by an error in its GlobalProtect portal and GlobalProtect Gateway interface products. By sending a specially crafted request to a vulnerable SSL VPN target, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
Code Execution
Privilege access
Affected Vendors
Palo Alto
Affected Products
- PAN-OS 7.1.18 and earlier
- PAN-OS 8.0.11 and earlier
- PAN-OS 8.1.2 and earlier
Remediation
Update to PAN-OS 7.1.19 and later, PAN-OS 8.0.12 and later, and PAN-OS 8.1.3 and later releases.