Tuesday, July 5, 2022
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory
  • Login
  • Register
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
No Result
View All Result

Home > Cybersecurity > Zero day discovered in Palo Alto security appliance

Zero day discovered in Palo Alto security appliance

Randori cybersecurity researchers discovered a zero day vulnerability, which affects PAN firewalls using the GlobalProtect Portal VPN.

Atalay Kelestemur by Atalay Kelestemur
November 12, 2021
in Cybersecurity
1 min read
0 0
0
Zero day discovered in Palo Alto security appliance
0
SHARES
23
VIEWS
Share on FacebookShare on TwitterShare on EmailFollow on Google News

Security researchers at cybersecurity company Randori discovered a zero-day flaw in GlobalProtect VPN. There are around 10,000 servers running this product already. The flaw allows the attackers to execute remote code on the vulnerable product installations.

Affecting multiple versions

The flaw is tracked as CVE-2021-3064, affecting PAN firewalls using the GlobalProtect Portal VPN. The flaw is a buffer overflow, which occurs while parsing user input into a fixed length and affects multiple versions of PAN-OS 8.1 before 8.1.17. For exploiting the vulnerability, the attacker must have network access to the device on the GlobalProtect service port – the default port is 443 – that is often accessible over the internet.

Randori researchers said, « Our team was able to gain a shell on the affected target, access sensitive configuration data, extract credentials, and more. Once an attacker has control over the firewall, they will have visibility into the internal network and can proceed to move laterally. Randori researchers have not exploited the buffer overflow to result in controlled code execution on certain hardware device versions with MIPS-based management plane CPUs due to their big-endian architecture, though the overflow is reachable on these devices and can be exploited to limit the availability of services. »

If you are using Palo Alto Networks security appliance and GlobalProtect Portal VPN is running on your systems, we highly recommend you to update it to the latest, fixed & stable version.

See more Cyber Security News


Tags: Palo Alto Networks
ShareTweetSendShare
Atalay Kelestemur

Atalay Kelestemur

Atalay Kelestemur is the Editor-in-Chief of Cloud7 News. He was most recently the chief editor of T3. Prior to that, he was the managing editor of BYTE. He also served as software editor in PC World. Atalay Kelestemur has covered the technology industry since 1996, publishing articles in PC Net, IT Pro, Computer World, PC Life, CyberMag, and CIO magazines. Atalay Kelestemur is an information system security professional and his area of expertise includes Linux security, penetration testing, secure software development, malware removal, and computer forensics. Atalay Kelestemur is the author of Pardus 2011, Ubuntu, Windows 8, and Siber Istihbarat (Cyber Intelligence). Atalay graduated with a Bachelor's Degree in Maritime from Istanbul Technical University. He earned a master's degree in political science from Gedik University, where he wrote his thesis on The Importance of Cyber Intelligence on Public Security. Now he is working on his Ph.D. thesis on international trade, covering the cybersecurity threats and countermeasures on the maritime industry.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Next Post
InMotion Hosting now offering Google Workspace to its new and existing customers

InMotion Hosting now offering Google Workspace to its new and existing customers

Related News

HackerOne employee caught publishing stolen vulnerability reports anonymously

HackerOne employee caught publishing stolen vulnerability reports anonymously

July 4, 2022 9:55 pm
Google will merge Chrome and Android password managers

Google is merging Chrome and Android password managers

July 4, 2022 5:00 pm
8220 gang targeting Linux systems again, Microsoft says

8220 gang targeting Linux systems again, Microsoft says

July 1, 2022 2:52 pm
Kaspersky found a module backdoor in Microsoft Exchange

Kaspersky found a module backdoor in Microsoft Exchange

July 1, 2022 1:50 pm
Get free daily newsletters from Cloud7 News Get the Cloud7 Newsletter

Check your inbox or spam folder to confirm your subscription.

By subscribing, you agree to our
Copyright Policy and Privacy Policy

Editor's Choice

Interview with Igor Seletskiy on AlmaLinux

7 best hosting control panels

How to update Linux Kernel without rebooting?

7 best Linux mail servers for 2022

7 best cPanel alternatives for 2022

7 best Linux web browsers for 2022

7 best CentOS alternatives

7 best Linux server distros for 2022

How to scan your server for Log4j (Log4Shell) vulnerability

10 Best Web Hosting Services of 2022

AlmaLinux 8.6 Stable is ready to download

Ubuntu 22.04 LTS is available for download. What is new?

Kali Linux 2022.2 is ready for download

Advertisement

Recent News

  • HackerOne employee caught publishing stolen vulnerability reports anonymously
  • Systemd-oom won’t be included in Linux Mint 21
  • Google is merging Chrome and Android password managers
  • GNOME 43 will come with support for web apps in Software
  • Software Freedom Conservancy boycotts GitHub

Our Latest Interview

Interview: Erez Barak, Vice President Observability of Sumo Logic
Interview

Interview: Erez Barak, Vice President Observability of Sumo Logic

by Atalay Kelestemur
November 25, 2021 3:23 am


Cloud7 News is a news source that publishes the latest news, industry news and exclusive interviews on web hosting, cloud computing, data center, cybersecurity and linux.

News Categories

  • Web Hosting
  • Cloud Computing
  • Data Center
  • Cybersecurity
  • Linux
  • Network/Internet
  • Software
  • Hardware
  • Blockchain

Our Free Modules

  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

  • About
  • Privacy & Policy
  • Copyright Policy
  • Contact

© 2022, Cloud7 News. Latest Cloud Computing, Web Hosting, Data Center Industry and Tech News

No Result
View All Result
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

© 2022, Cloud7 News. Latest Cloud Computing, Web Hosting, Data Center Industry and Tech News

Welcome Back!

Sign In with Facebook
Sign In with Google
Sign In with Linked In
OR

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Sign Up with Facebook
Sign Up with Google
Sign Up with Linked In
OR

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.