vulnerability

PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	Nov 10, 2021	Nov 11, 2021	Nov 26, 2021

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

Nov 10, 2021

Added

Nov 11, 2021

Modified

Nov 26, 2021

Description

A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue.

Solution

palo-alto-networks-pan-os-upgrade-8-1

References

CVE-2021-3064
https://attackerkb.com/topics/CVE-2021-3064
URL-https://security.paloaltonetworks.com/CVE-2021-3064

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today