Palo Alto firewalls have some worrying serious flaws
- Security researchers from Eclypsium find several bugs in multiple Palo Alto Networks firewalls
- They claim the vulnerabilities are quite severe
- Palo Alto Networks says if the OS is up to date, and security settings nominal, there is no risk
Security researchers have slammed Palo Alto Networks firewalls, claiming to have discovered severe vulnerabilities which undermine the entire point of the products.
Cybersecurity researchers Eclypsium published a report detailing a host of security flaws impacting Palo Alto Networks’ firewall firmware as well as misconfigured security features.
The company responded by saying the vulnerabilities were a stretch, that they’re close to impossible to leverage in the wild, and that they’ve not seen them abused anywhere.
LogoFAIL, PixieFAIL, and other woes
“These weren’t obscure, corner-case vulnerabilities,” the researchers said. “Instead these were very well-known issues that we wouldn’t expect to see even on a consumer-grade laptop. These issues could allow attackers to evade even the most basic integrity protections, such as Secure Boot, and modify device firmware if exploited.”
Eclypisum said the flaws were found in PA-3260, PA-1410, and PA-415. The first one reached end-of-sale in mid-2023, while the other two are still fully supported.
The bugs are tracked as CVE-2020-10713, CVE-2022-24030, CVE-2021-33627, CVE-2021-42060, CVE-2021-42554, CVE-2021-43323, and CVE-2021-45970, LogoFAIL, PixieFail, CVE-2023-1017, and Intel bootguard leaked keys bypass.
After the news broke, The Hacker News reached out to the company for comment. Palo Alto Networks responded by saying that “the scenarios required for successful exploitation do not exist on up-to-date PAN-OS software under normal conditions with secured management interfaces deployed according to best practice guidelines.”
In other words, if the firewalls’ OS is up to date, and secured management interfaces are properly deployed, there is no risk.
“Palo Alto Networks is not aware of any malicious exploitation of these issues. We stand by the quality and integrity of our technology,” it added.
“While the conditions required to exploit these vulnerabilities are not available to users or administrators of PAN-OS software, we are working with the third-party vendor to develop any mitigations that may be needed. We will provide further updates and guidance to impacted customers as they become available.”
You might also like
Security researchers from Eclypsium find several bugs in multiple Palo Alto Networks firewalls They claim the vulnerabilities are quite severe Palo Alto Networks says if the OS is up to date, and security settings nominal, there is no risk Security researchers have slammed Palo Alto Networks firewalls, claiming to have…
