Serious Remote Code Execution Flaw Found in Palo Alto Networks GlobalProtect Portal and Gateway

11 November 2021 [NO.TCSA : 20211111-1-1-P]

PUBLISHED:
11 November 2021

Serious Remote Code Execution Flaw Found in Palo Alto Networks GlobalProtect Portal and Gateway

A memory corruption vulnerability found in Palo Alto Networks GlobalProtect portal and gateway interfaces that enable an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. The vulnerability was given a 9.8 (out of 10) CVSSv3 score and assigned CVE CVE-2021-3064.

Affected Versions

PAN-OS 8.1 versions earlier than PAN-OS 8.1.17.

Mitigation

If your device has PAN-OS 8.x.x, upgrade to PAN-OS 8.1.17 or a later version. Additionally, enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect portal and gateway interfaces to block attacks against CVE-2021-3064.

More Information

16 April 2024 [NO.TCSA : 20240416-1-1-P]

Critical Command Injection Vulnerability Found in Palo Alto Networks GlobalProtect

READ MORE READ MORE
9 February 2024 [NO.TCSA : 20240209-1-1-P]

Critical Remote Code Execution Vulnerability Found in FortiOS SSL VPN

READ MORE READ MORE
13 July 2023 [NO.TCSA : 20230713-1-1-P]

Fortinet Patches Critical Remote Code Execution Vulnerability in FortiOS/FortiProxy

READ MORE READ MORE
Read More BACK TO THREAT BULLETIN