11 November 2021 [NO.TCSA : 20211111-1-1-P]
A memory corruption vulnerability found in Palo Alto Networks GlobalProtect portal and gateway interfaces that enable an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. The vulnerability was given a 9.8 (out of 10) CVSSv3 score and assigned CVE CVE-2021-3064.
PAN-OS 8.1 versions earlier than PAN-OS 8.1.17.
If your device has PAN-OS 8.x.x, upgrade to PAN-OS 8.1.17 or a later version. Additionally, enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect portal and gateway interfaces to block attacks against CVE-2021-3064.